diff options
author | Determe, Sebastien (sd378r) <sd378r@intl.att.com> | 2017-11-16 12:43:55 +0100 |
---|---|---|
committer | Determe, Sebastien (sd378r) <sd378r@intl.att.com> | 2017-11-16 13:42:47 +0100 |
commit | 78c8b0e7fc7e6d707190202cac4b8f2ad03828dc (patch) | |
tree | fd3db86bcef3a998c16a5f660bb42107a484619b /src/main/java/org | |
parent | 817815e0073a2cd447b6ad84d700e14efe491c94 (diff) |
Move SSL verification to test
Move the SSL verification to the unit test instead of having it in the
main class
Change-Id: I574a4ba380ef62171cc6ba0c23eb41dee8a8cc18
Issue-ID: CLAMP-74
Signed-off-by: Determe, Sebastien (sd378r) <sd378r@intl.att.com>
Diffstat (limited to 'src/main/java/org')
-rw-r--r-- | src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java | 17 | ||||
-rw-r--r-- | src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java | 74 |
2 files changed, 13 insertions, 78 deletions
diff --git a/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java b/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java index 449e364ba..4886b0de0 100644 --- a/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java +++ b/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java @@ -23,25 +23,23 @@ package org.onap.clamp.clds.client; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; import org.onap.clamp.clds.dao.CldsDao; import org.onap.clamp.clds.model.CldsEvent; import org.springframework.beans.factory.annotation.Autowired; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - /** * Create CLDS Event. */ public class CldsEventDelegate implements JavaDelegate { - protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CldsEventDelegate.class); protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - @Autowired - private CldsDao cldsDao; + private CldsDao cldsDao; /** * Insert event using process variables. @@ -49,20 +47,19 @@ public class CldsEventDelegate implements JavaDelegate { * @param execution */ @Override - public void execute(DelegateExecution execution) throws Exception { + public void execute(DelegateExecution execution) { String controlName = (String) execution.getVariable("controlName"); String actionCd = (String) execution.getVariable("actionCd"); String actionStateCd = (String) execution.getVariable("actionStateCd"); - // Flag indicate whether it is triggered by Validation Test button from UI + // Flag indicate whether it is triggered by Validation Test button from + // UI boolean isTest = (boolean) execution.getVariable("isTest"); boolean isInsertTestEvent = (boolean) execution.getVariable("isInsertTestEvent"); String userid = (String) execution.getVariable("userid"); - // do not insert events for test actions unless flag set to insert them if (!isTest || isInsertTestEvent) { // won't really have userid here... CldsEvent.insEvent(cldsDao, controlName, userid, actionCd, actionStateCd, execution.getProcessInstanceId()); } } - } diff --git a/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java b/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java index cff955f1c..ef472ae11 100644 --- a/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java +++ b/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java @@ -32,22 +32,18 @@ import java.io.IOException; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.URL; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; import javax.ws.rs.BadRequestException; import org.apache.commons.io.IOUtils; import org.onap.clamp.clds.util.LoggingUtils; +/** + * + * This class manages the HTTP and HTTPS connections to DCAE. + * + */ public class DcaeHttpConnectionManager { protected static final EELFLogger logger = EELFManager.getInstance() .getLogger(DcaeHttpConnectionManager.class); @@ -57,39 +53,6 @@ public class DcaeHttpConnectionManager { private DcaeHttpConnectionManager() { } - static TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { - @Override - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return null; - } - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - } }; - - private static void enableSslNoCheck() { - try { - SSLContext sc = SSLContext.getInstance("SSL"); - sc.init(null, trustAllCerts, new java.security.SecureRandom()); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - HostnameVerifier allHostsValid = new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; - // set the allTrusting verifier - HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); - } catch (KeyManagementException | NoSuchAlgorithmException e) { - logger.error("Error when disabling security on SSL", e); - } - } - private static String doHttpsQuery(URL url, String requestMethod, String payload, String contentType) throws IOException { logger.info("Using HTTPS URL to contact DCAE:" + url.toString()); @@ -157,7 +120,7 @@ public class DcaeHttpConnectionManager { } /** - * This method does a HTTP query to DCAE with parameters specified. + * This method does a HTTP/HTTPS query to DCAE with parameters specified. * * @param url * The string HTTP or HTTPS that mustr be used to connect @@ -173,33 +136,8 @@ public class DcaeHttpConnectionManager { */ public static String doDcaeHttpQuery(String url, String requestMethod, String payload, String contentType) throws IOException { - return doDcaeHttpQuery(url, requestMethod, payload, contentType, false); - } - - /** - * This method does a HTTP/HTTPS query to DCAE with parameters specified. - * - * @param url - * The string HTTP or HTTPS that mustr be used to connect - * @param requestMethod - * The Request Method (PUT, POST, GET, DELETE, etc ...) - * @param payload - * The payload if any, in that case an ouputstream is opened - * @param contentType - * The "application/json or application/xml, or whatever" - * @param withoutSecurity - * Disable or not the SSL security (certificate,hostname, etc...) - * @return The payload of the answer - * @throws IOException - * In case of issue with the streams - */ - public static String doDcaeHttpQuery(String url, String requestMethod, String payload, String contentType, - boolean withoutSecurity) throws IOException { URL urlObj = new URL(url); if (url.contains("https://")) { // Support for HTTPS - if (withoutSecurity) { - enableSslNoCheck(); - } return doHttpsQuery(urlObj, requestMethod, payload, contentType); } else { // Support for HTTP return doHttpQuery(urlObj, requestMethod, payload, contentType); |