diff options
author | Geora Basky <georab@amdocs.com> | 2018-11-13 16:13:31 -0500 |
---|---|---|
committer | Geora Basky <georab@amdocs.com> | 2018-11-13 16:19:34 -0500 |
commit | 794fe767942bbdc3f21c46fa2da841817106105b (patch) | |
tree | 8e666156d30dac1c292bcdea255f2a4cbd7a3bdd /src/main | |
parent | 46116d2c304dc3df4de06cee353da52daa9ce8ab (diff) |
Adding client cert SSL support for AAI Rest client
Change-Id: I6fd32c777d610c3f4e222fa0c55552968342b43a
Issue-ID: LOG-808
Signed-off-by: Geora Basky <georab@amdocs.com>
Diffstat (limited to 'src/main')
3 files changed, 92 insertions, 1 deletions
diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java new file mode 100644 index 0000000..29f3291 --- /dev/null +++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java @@ -0,0 +1,32 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ +package org.onap.pomba.contextbuilder.sdnc; + +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + +public class AAIBasicAuthCondition implements Condition { + + @Override + public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) + { + String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication"); + return authenticionMode.equalsIgnoreCase("basic_auth"); + } +} diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java new file mode 100644 index 0000000..113ba31 --- /dev/null +++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java @@ -0,0 +1,32 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ +package org.onap.pomba.contextbuilder.sdnc; + +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + +public class AAIClientCertCondition implements Condition { + + @Override + public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) + { + String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication"); + return authenticionMode.equalsIgnoreCase("client_cert"); + } +} diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java index bc2ca64..7317143 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java +++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java @@ -22,8 +22,10 @@ import java.util.Base64; import javax.ws.rs.ApplicationPath; import org.eclipse.jetty.util.security.Password; import org.onap.aai.restclient.client.RestClient; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Conditional; import org.springframework.stereotype.Component; @Component @@ -72,6 +74,18 @@ public class SdncConfiguration { @Value("${aai.httpProtocol}") private String aaiHttpProtocol; + @Value("${aai.authentication}") + private String authenticationMode; + + @Value("${aai.trustStorePath}") + private String trustStorePath; + + @Value("${aai.keyStorePath}") + private String keyStorePath; + + @Value("${aai.keyStorePassword}") + private String keyStorePassword; + @Value("${aai.connectionTimeout}") private Integer aaiConnectionTimeout; @@ -131,8 +145,9 @@ public class SdncConfiguration { return (BASIC + encodedAuth); } + @Conditional(AAIBasicAuthCondition.class) @Bean(name="aaiClient") - public RestClient restClient() { + public RestClient restClientWithBasicAuth() { RestClient restClient = new RestClient(); restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(aaiConnectionTimeout).readTimeoutMs(aaiReadTimeout); restClient.basicAuthUsername(aaiUsername); @@ -140,6 +155,18 @@ public class SdncConfiguration { return restClient; } + @Conditional(AAIClientCertCondition.class) + @Bean(name="aaiClient") + public RestClient restClientWithClientCert() { + RestClient restClient = new RestClient(); + System.out.println("in client cert"); + if (httpProtocol.equals("https")) + restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + else + restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + return restClient; + } + @Bean(name="aaiBaseUrl") public String getAaiURL() { return httpProtocol + "://" + aaiHost + ":" + aaiPort; |