diff options
author | Geora Barsky <georab@amdocs.com> | 2018-11-06 22:42:23 -0500 |
---|---|---|
committer | Geora Barsky <georab@amdocs.com> | 2018-11-07 11:53:04 -0500 |
commit | 65f4a56f694099f7a25d252c264eda1437b85c23 (patch) | |
tree | 961899dcf00470f9f5499d3e651a9232a676ee0b /src/main | |
parent | 9624b228f128a465556b369f92a4cfca8fbff12c (diff) |
Adding support to SSL client cert
Issue-ID: LOG-807
Change-Id: I7e3e72467ebd1326f981806e78401b208e5ae525
Signed-off-by: Geora Barsky <georab@amdocs.com>
Diffstat (limited to 'src/main')
3 files changed, 91 insertions, 2 deletions
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java new file mode 100644 index 0000000..dfadbb4 --- /dev/null +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java @@ -0,0 +1,32 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ +package org.onap.pomba.contextbuilder.aai; + +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + +public class AAIBasicAuthCondition implements Condition { + + @Override + public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) + { + String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication"); + return authenticionMode.equalsIgnoreCase("basic_auth"); + } +} diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java new file mode 100644 index 0000000..19b42b1 --- /dev/null +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java @@ -0,0 +1,32 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ +package org.onap.pomba.contextbuilder.aai; + +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + +public class AAIClientCertCondition implements Condition { + + @Override + public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) + { + String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication"); + return authenticionMode.equalsIgnoreCase("client_cert"); + } +} diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java index 22f7b5e..3035d1b 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java @@ -25,6 +25,7 @@ import org.onap.aai.restclient.client.RestClient; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Conditional; import org.springframework.stereotype.Component; @@ -47,7 +48,18 @@ public class AAIConfiguration { @Autowired @Value("${aai.httpProtocol}") private String httpProtocol; - + @Autowired + @Value("${aai.authentication}") + private String authenticationMode; + @Autowired + @Value("${aai.trustStorePath}") + private String trustStorePath; + @Autowired + @Value("${aai.keyStorePath}") + private String keyStorePath; + @Autowired + @Value("${aai.keyStorePassword}") + private String keyStorePassword; @Autowired @Value("${aai.connectionTimeout}") private Integer connectionTimeout; @@ -79,14 +91,27 @@ public class AAIConfiguration { return ("Basic " + encodedAuth); } + @Conditional(AAIBasicAuthCondition.class) @Bean(name="aaiClient") - public RestClient restClient() { + public RestClient restClientWithBasicAuth() { + System.out.println("in basic auth"); RestClient restClient = new RestClient(); restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); restClient.basicAuthUsername(username); restClient.basicAuthPassword(Password.deobfuscate(password)); return restClient; + } + @Conditional(AAIClientCertCondition.class) + @Bean(name="aaiClient") + public RestClient restClientWithClientCert() { + RestClient restClient = new RestClient(); + System.out.println("in client cert"); + if (httpProtocol.equals("https")) + restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + else + restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + return restClient; } @Bean(name="aaiBaseUrl") |