Diffstat (limited to 'src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client')
11 files changed, 600 insertions, 0 deletions
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpApacheResponseAdapterFactory.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpApacheResponseAdapterFactory.java
new file mode 100644
index 0000000..d77d4c9
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpApacheResponseAdapterFactory.java
@@ -0,0 +1,45 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2021 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client;
+
+import org.apache.http.HttpResponse;
+import org.apache.http.util.EntityUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+
+public class HttpApacheResponseAdapterFactory {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(HttpApacheResponseAdapterFactory.class);
+
+ public HttpResponseAdapter create(HttpResponse response) {
+ String message;
+ try {
+ message = EntityUtils.toString(response.getEntity());
+ } catch (IllegalArgumentException | IOException e) {
+ LOGGER.warn("Response from VES was empty");
+ message = "";
+ }
+ return new HttpResponseAdapter(response.getStatusLine().getStatusCode(), message);
+ }
+
+}
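Review bot: The catch block in `HttpApacheResponseAdapterFactory.create` reports every read failure as "Response from VES was empty" and drops the exception, so a reset connection or a truncated body cannot be told apart from a genuinely empty reply when the logs are read later. Keep the cause and word the message for what actually happened, e.g. `LOGGER.warn("Could not read VES response body", e);`. `EntityUtils.toString` also buffers the whole body in memory with no size limit, which deserves at least a comment if the collector endpoint is not always a trusted one.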
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapter.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapter.java
new file mode 100644
index 0000000..2f716c2
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapter.java
@@ -0,0 +1,27 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2018 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client;
+
+public interface HttpClientAdapter {
+
+ HttpResponseAdapter send(String content);
+
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapterImpl.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapterImpl.java
new file mode 100644
index 0000000..6cddc18
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpClientAdapterImpl.java
@@ -0,0 +1,119 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.http.HttpHeaders;
+import org.apache.http.HttpResponse;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.util.EntityUtils;
+import org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl.HttpClientFactoryFacade;
+import org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl.SslAuthenticationHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.MDC;
+import org.slf4j.Marker;
+import org.slf4j.MarkerFactory;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.util.UUID;
+
+import static org.onap.integration.simulators.nfsimulator.vesclient.logging.MdcVariables.REQUEST_ID;
+import static org.onap.integration.simulators.nfsimulator.vesclient.logging.MdcVariables.X_INVOCATION_ID;
+import static org.onap.integration.simulators.nfsimulator.vesclient.logging.MdcVariables.X_ONAP_REQUEST_ID;
+
+public class HttpClientAdapterImpl implements HttpClientAdapter {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(HttpClientAdapterImpl.class);
+ private static final String CONTENT_TYPE = "Content-Type";
+ private static final String APPLICATION_JSON = "application/json";
+ private static final Marker INVOKE = MarkerFactory.getMarker("INVOKE");
+ private static final HttpApacheResponseAdapterFactory responseFactory = new HttpApacheResponseAdapterFactory();
+ private final HttpClient client;
+ private final String targetUrl;
+
+ public HttpClientAdapterImpl(String targetUrl, SslAuthenticationHelper sslAuthenticationHelper)
+ throws IOException, GeneralSecurityException {
+ this.client = HttpClientFactoryFacade.create(targetUrl, sslAuthenticationHelper);
+ this.targetUrl = targetUrl;
+ }
+
+ HttpClientAdapterImpl(HttpClient client, String targetUrl) {
+ this.client = client;
+ this.targetUrl = targetUrl;
+ }
+
+ @Override
+ public HttpResponseAdapter send(String content) {
+ HttpResponseAdapter vesResponse;
+ try {
+ HttpResponse response = sendAndRetrieve(content);
+ LOGGER.info(INVOKE, "Message sent, ves response code: {}", response.getStatusLine());
+ vesResponse = responseFactory.create(response);
+ EntityUtils.consumeQuietly(response.getEntity()); //response has to be fully consumed otherwise apache won't release connection
+ } catch (IOException | URISyntaxException e) {
+ LOGGER.warn("Error sending message to ves: {}", e.getMessage(), e.getCause());
+ vesResponse = new HttpResponseAdapter(421, String.format("Fail to connect with ves: %s", e.getMessage()));
+ }
+ return vesResponse;
+ }
+
+ private HttpResponse sendAndRetrieve(String content) throws IOException, URISyntaxException {
+ HttpPost request = createRequest(content);
+ HttpResponse httpResponse = client.execute(request);
+ request.releaseConnection();
+ return httpResponse;
+ }
+
+ private HttpPost createRequest(String content) throws UnsupportedEncodingException, URISyntaxException {
+ LOGGER.info("sending request using address: {}", this.targetUrl);
+ URI targetAddress = new URI(this.targetUrl);
+ HttpPost request = new HttpPost(targetAddress);
+ if(urlContainsUserInfo(targetAddress)) {
+ request.addHeader(HttpHeaders.AUTHORIZATION, getAuthenticationHeaderForUser(targetAddress.getUserInfo()));
+ }
+ StringEntity stringEntity = new StringEntity(content);
+ request.addHeader(CONTENT_TYPE, APPLICATION_JSON);
+ request.addHeader(X_ONAP_REQUEST_ID, MDC.get(REQUEST_ID));
+ request.addHeader(X_INVOCATION_ID, UUID.randomUUID().toString());
+ request.setEntity(stringEntity);
+ return request;
+ }
+
+ private boolean urlContainsUserInfo(URI targetAddress) {
+ return targetAddress.getUserInfo() != null && !targetAddress.getUserInfo().isEmpty();
+ }
+
+ private String getAuthenticationHeaderForUser(String userInfo) {
+ final byte[] encodedUserInfo = Base64.encodeBase64(
+ userInfo.getBytes(StandardCharsets.ISO_8859_1)
+ );
+ return String.format("Basic %s", new String(encodedUserInfo));
+ }
+
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpResponseAdapter.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpResponseAdapter.java
new file mode 100644
index 0000000..976a972
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/HttpResponseAdapter.java
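Review bot: `createRequest` in HttpClientAdapterImpl.java logs `this.targetUrl` at INFO before parsing it, and the same method shows that the URL may carry `user:password` userinfo for Basic auth, so those credentials are written to the log in clear text. Parse the URI first and log only its non-secret parts, e.g. `LOGGER.info("sending request using address: {}://{}:{}{}", targetAddress.getScheme(), targetAddress.getHost(), targetAddress.getPort(), targetAddress.getPath());`. The `URISyntaxException` message handled in `send` contains the input string as well, and it is both logged and copied into the 421 response body, so that path needs the same redaction. Separately, `sendAndRetrieve` calls `request.releaseConnection()` before `send` reads the entity; this likely makes the body unreadable (and the failure is then masked as an empty response), which should be confirmed with a test against a real server rather than a mocked `HttpClient`.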
@@ -0,0 +1,41 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2021 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client;
+
+public class HttpResponseAdapter {
+
+ private final int code;
+ private final String message;
+
+ public HttpResponseAdapter(int code, String message) {
+ this.code = code;
+ this.message = message;
+ }
+
+ public int getCode() {
+ return code;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertAuthSslContextFactory.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertAuthSslContextFactory.java
new file mode 100644
index 0000000..4257f9e
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertAuthSslContextFactory.java
@@ -0,0 +1,53 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import javax.net.ssl.SSLContext;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
+import org.apache.http.ssl.SSLContexts;
+
+class CertAuthSslContextFactory {
+
+ private final CertificateReader certificateReader;
+
+ CertAuthSslContextFactory(CertificateReader certificateReader) {
+ this.certificateReader = certificateReader;
+ }
+
+ SSLContext createSslContext(SslAuthenticationHelper sslAuthenticationHelper)
+ throws GeneralSecurityException, IOException {
+ final String keystorePasswordPath = sslAuthenticationHelper.getClientCertificatePasswordPath();
+
+ final KeyStore keystore = certificateReader.read(sslAuthenticationHelper.getClientCertificatePath(),
+ keystorePasswordPath, "PKCS12");
+ final KeyStore truststore = certificateReader.read(sslAuthenticationHelper.getTrustStorePath(),
+ sslAuthenticationHelper.getTrustStorePasswordPath(), "JKS");
+
+ return SSLContexts.custom()
+ .loadKeyMaterial(keystore, certificateReader.readPassword(keystorePasswordPath))
+ .loadTrustMaterial(truststore, new TrustSelfSignedStrategy())
+ .build();
+ }
+
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertificateReader.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertificateReader.java
new file mode 100644
index 0000000..0d22d0e
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/CertificateReader.java
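Review bot: In `CertAuthSslContextFactory.createSslContext`, `loadTrustMaterial(truststore, new TrustSelfSignedStrategy())` accepts any server that presents a one-certificate chain, such as an arbitrary self-signed certificate, whether or not it is in the configured truststore, because the strategy is consulted before the truststore-backed trust manager. That leaves the client-certificate mode, which appears to be the only mode in this commit meant to authenticate the peer, without effective server authentication. Let the truststore alone decide by passing no strategy: `.loadTrustMaterial(truststore, null)`. The keystore password is also read from disk twice (inside `certificateReader.read` and again for `loadKeyMaterial`) and the `char[]` is never cleared; reading it once into a local and wiping it with `Arrays.fill` after `build()` would tighten that.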
@@ -0,0 +1,46 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+
+class CertificateReader {
+
+ KeyStore read(String certificatePath, String passwordPath, String type) throws GeneralSecurityException, IOException {
+ try (InputStream keyStoreStream = new FileInputStream(certificatePath)) {
+ KeyStore keyStore = KeyStore.getInstance(type);
+ keyStore.load(keyStoreStream, readPassword(passwordPath));
+ return keyStore;
+ }
+ }
+
+ char[] readPassword(String passwordPath) throws IOException {
+ final String password = Files.readString(Path.of(passwordPath));
+ return PasswordConverter.convert(password);
+ }
+
+}
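Review bot: `readPassword` in CertificateReader.java uses the password file content verbatim via `Files.readString`, so a file that ends with a line break, as most editors produce, yields a password with that trailing character and the keystore load will probably fail with an error that points at the keystore rather than the password file. If passwords are never expected to end in whitespace, strip it before conversion, e.g. `return PasswordConverter.convert(password.stripTrailing());`; otherwise state the exact file format in a Javadoc on `readPassword`. The secret also passes through an immutable `String`, so handing back a `char[]` gives callers nothing they can effectively wipe; decoding the bytes from `Files.readAllBytes` straight into a `char[]` would avoid that copy.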
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactory.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactory.java
new file mode 100644
index 0000000..7237203
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactory.java
@@ -0,0 +1,104 @@ +/* + * ============LICENSE_START======================================================= + * PNF-REGISTRATION-HANDLER + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl; + +import io.vavr.control.Try; +import org.apache.http.client.HttpClient; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.conn.ssl.DefaultHostnameVerifier; +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.impl.client.HttpClients; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import java.io.IOException; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; + +class HttpClientFactory { + private static final int CONNECTION_TIMEOUT = 1000; + private static final RequestConfig CONFIG = RequestConfig.custom() + 
.setConnectTimeout(CONNECTION_TIMEOUT) + .setConnectionRequestTimeout(CONNECTION_TIMEOUT) + .setSocketTimeout(CONNECTION_TIMEOUT) + .build(); + private static final Logger LOGGER = LoggerFactory.getLogger(HttpClientFactory.class); + private final SSLContextFactory sslContextFactory; + + HttpClientFactory(SSLContextFactory sslContextFactory) { + this.sslContextFactory = sslContextFactory; + } + + HttpClient create(String url, SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException { + HttpClient client; + if (!sslAuthenticationHelper.isClientCertificateEnabled()) { + client = "https".equals(new URL(url).getProtocol()) ? createForHttps() : createBasic(); + } else if (sslAuthenticationHelper.isStrictHostnameVerification()) { + client = createSecured(sslContextFactory.create(sslAuthenticationHelper), new DefaultHostnameVerifier()); + } else { + client = createSecured(sslContextFactory.create(sslAuthenticationHelper), new NoopHostnameVerifier()); + } + return client; + } + + private HttpClient createForHttps() { + return Try.of(this::createSecuredTrustAlways) + .onFailure(this::logErrorMessage) + .getOrElse(createBasic()); + } + + private void logErrorMessage(Throwable e) { + String message = String.format( + "Could not initialize client due to SSL exception: %s. " + + "Default client without SSL support will be used instead." 
+ + "\nCause: %s", + e.getMessage(), + e.getCause() + ); + LOGGER.error(message, e); + } + + + private HttpClient createBasic() { + return HttpClientBuilder + .create() + .setDefaultRequestConfig(CONFIG) + .build(); + } + + private HttpClient createSecuredTrustAlways() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException { + return createSecured(sslContextFactory.createTrustAlways(), new NoopHostnameVerifier()); + } + + private HttpClient createSecured(SSLContext trustAlways, HostnameVerifier hostnameVerifier) { + return HttpClients.custom() + .setSSLContext(trustAlways) + .setDefaultRequestConfig(CONFIG) + .setSSLHostnameVerifier(hostnameVerifier) + .build(); + } +} diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactoryFacade.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactoryFacade.java new file mode 100644 index 0000000..2ed1ff9 --- /dev/null +++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/HttpClientFactoryFacade.java 
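Review bot: With `clientCertificateEnabled` false, `create` in HttpClientFactory.java sends every https URL through `createForHttps`, which pairs the trust-all context from `SSLContextFactory.createTrustAlways()` with `NoopHostnameVerifier`, so the server is not authenticated at all and the events, plus any Basic credentials sent with them, are exposed to whoever sits on the path. Both flags in SslAuthenticationHelper default to false, so this is what an unconfigured deployment gets; the `TrustAllStrategy` code in SSLContextFactory.java later in this commit is the same issue and is covered here. If this is intended for a simulator, make it an explicit opt-in and announce it when the client is built, e.g. `LOGGER.warn("TLS server certificate and hostname checks are disabled for this client");`, and use `createBasic()` with the default JVM trust otherwise. Also, `.getOrElse(createBasic())` builds a second client eagerly even when the first succeeded, which `.getOrElse(this::createBasic)` avoids, and the log text "without SSL support" is inaccurate because the basic client still negotiates TLS with default trust.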
@@ -0,0 +1,40 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import org.apache.http.client.HttpClient;
+
+public class HttpClientFactoryFacade {
+
+ private HttpClientFactoryFacade() {
+ }
+
+ private static final CertificateReader CERTIFICATE_READER = new CertificateReader();
+ private static final CertAuthSslContextFactory CERT_AUTH_SSL_CONTEXT_FACTORY = new CertAuthSslContextFactory(CERTIFICATE_READER);
+ private static final SSLContextFactory SSL_CONTEXT_FACTORY = new SSLContextFactory(CERT_AUTH_SSL_CONTEXT_FACTORY);
+ private static final HttpClientFactory HTTP_CLIENT_FACTORY = new HttpClientFactory(SSL_CONTEXT_FACTORY);
+
+ public static HttpClient create(String url, SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException {
+ return HTTP_CLIENT_FACTORY.create(url, sslAuthenticationHelper);
+ }
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/PasswordConverter.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/PasswordConverter.java
new file mode 100644
index 0000000..b29963c
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/PasswordConverter.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.util.Optional;
+
+class PasswordConverter {
+ private PasswordConverter() {
+ }
+
+ static char[] convert(String password) {
+ return Optional.ofNullable(password).map(String::toCharArray).orElse(null);
+ }
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SSLContextFactory.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SSLContextFactory.java
new file mode 100644
index 0000000..e54b4c0
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SSLContextFactory.java
@@ -0,0 +1,48 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import javax.net.ssl.SSLContext;
+import org.apache.http.conn.ssl.TrustAllStrategy;
+import org.apache.http.conn.ssl.TrustStrategy;
+import org.apache.http.ssl.SSLContextBuilder;
+
+class SSLContextFactory {
+ private static final TrustStrategy TRUST_STRATEGY_ALWAYS = new TrustAllStrategy();
+
+ private final CertAuthSslContextFactory certAuthSslContextFactory;
+
+ SSLContextFactory(CertAuthSslContextFactory certAuthSslContextFactory) {
+ this.certAuthSslContextFactory = certAuthSslContextFactory;
+ }
+ SSLContext create(SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException {
+ return certAuthSslContextFactory.createSslContext(sslAuthenticationHelper);
+ }
+
+ SSLContext createTrustAlways() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
+ return SSLContextBuilder.create().loadTrustMaterial(TRUST_STRATEGY_ALWAYS).build();
+ }
+
+}
diff --git a/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SslAuthenticationHelper.java b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SslAuthenticationHelper.java
new file mode 100644
index 0000000..c72cb3c
--- /dev/null
+++ b/src/main/java/org/onap/integration/simulators/nfsimulator/vesclient/simulator/client/utils/ssl/SslAuthenticationHelper.java
@@ -0,0 +1,45 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.integration.simulators.nfsimulator.vesclient.simulator.client.utils.ssl;
+
+import java.io.Serializable;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Primary;
+import org.springframework.stereotype.Component;
+
+@Component
+@ConfigurationProperties(prefix = "ssl")
+@RefreshScope
+@Primary
+@Getter
+@Setter
+public class SslAuthenticationHelper implements Serializable {
+
+ private boolean clientCertificateEnabled;
+ private boolean strictHostnameVerification;
+ private String clientCertificatePath;
+ private String clientCertificatePasswordPath;
+ private String trustStorePath;
+ private String trustStorePasswordPath;
+} |
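Review bot: `strictHostnameVerification` in SslAuthenticationHelper.java is a primitive `boolean` with no initializer, so it is false unless the `ssl.*` configuration sets it, and HttpClientFactory then selects `NoopHostnameVerifier` even when client certificates are enabled. A safer default is to verify hostnames and let a deployment opt out explicitly: `private boolean strictHostnameVerification = true;`. That changes behaviour for configurations relying on the implicit false, so it needs a release note. A short Javadoc on the fields saying that the `*PasswordPath` values are paths to files holding the password, not the passwords themselves, would also help whoever writes the configuration.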