From 78c8b0e7fc7e6d707190202cac4b8f2ad03828dc Mon Sep 17 00:00:00 2001 From: "Determe, Sebastien (sd378r)" Date: Thu, 16 Nov 2017 12:43:55 +0100 Subject: Move SSL verification to test Move the SSL verification to the unit test instead of having it in the main class Change-Id: I574a4ba380ef62171cc6ba0c23eb41dee8a8cc18 Issue-ID: CLAMP-74 Signed-off-by: Determe, Sebastien (sd378r) --- .../onap/clamp/clds/client/CldsEventDelegate.java | 17 ++--- .../clds/client/DcaeHttpConnectionManager.java | 74 ++-------------------- 2 files changed, 13 insertions(+), 78 deletions(-) (limited to 'src/main/java')
diff --git a/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java b/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java
index 449e364ba..4886b0de0 100644
--- a/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java
+++ b/src/main/java/org/onap/clamp/clds/client/CldsEventDelegate.java
@@ -23,25 +23,23 @@ package org.onap.clamp.clds.client; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; import org.onap.clamp.clds.dao.CldsDao; import org.onap.clamp.clds.model.CldsEvent; import org.springframework.beans.factory.annotation.Autowired; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - /** * Create CLDS Event. */ public class CldsEventDelegate implements JavaDelegate { - protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CldsEventDelegate.class); protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - @Autowired - private CldsDao cldsDao; + private CldsDao cldsDao; /** * Insert event using process variables. 
@@ -49,20 +47,19 @@ public class CldsEventDelegate implements JavaDelegate { * @param execution */ @Override - public void execute(DelegateExecution execution) throws Exception { + public void execute(DelegateExecution execution) { String controlName = (String) execution.getVariable("controlName"); String actionCd = (String) execution.getVariable("actionCd"); String actionStateCd = (String) execution.getVariable("actionStateCd"); - // Flag indicate whether it is triggered by Validation Test button from UI + // Flag indicate whether it is triggered by Validation Test button from + // UI boolean isTest = (boolean) execution.getVariable("isTest"); boolean isInsertTestEvent = (boolean) execution.getVariable("isInsertTestEvent"); String userid = (String) execution.getVariable("userid"); - // do not insert events for test actions unless flag set to insert them if (!isTest || isInsertTestEvent) { // won't really have userid here... CldsEvent.insEvent(cldsDao, controlName, userid, actionCd, actionStateCd, execution.getProcessInstanceId()); } } - }
diff --git a/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java b/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java
index cff955f1c..ef472ae11 100644
--- a/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java
+++ b/src/main/java/org/onap/clamp/clds/client/DcaeHttpConnectionManager.java
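Review bot: In `CldsEventDelegate.execute`, the `(boolean) execution.getVariable("isTest")` and `(boolean) execution.getVariable("isInsertTestEvent")` casts unbox the result directly, so a process instance that never set one of these variables fails with a NullPointerException before any event is written. If a missing flag should mean a normal, non-test action, read them as `boolean isTest = Boolean.TRUE.equals(execution.getVariable("isTest"));` and the same for `isInsertTestEvent`. The inline comment says the userid is not really available at this point, so the stored event may carry no user attribution; the Javadoc on `execute` should state what value is recorded in that case, and the bare `@param execution` tag should get a description.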
@@ -32,22 +32,18 @@ import java.io.IOException; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.URL; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; import javax.ws.rs.BadRequestException; import org.apache.commons.io.IOUtils; import org.onap.clamp.clds.util.LoggingUtils; +/** + * + * This class manages the HTTP and HTTPS connections to DCAE. + * + */ public class DcaeHttpConnectionManager { protected static final EELFLogger logger = EELFManager.getInstance() .getLogger(DcaeHttpConnectionManager.class); 
@@ -57,39 +53,6 @@ public class DcaeHttpConnectionManager { private DcaeHttpConnectionManager() { } - static TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { - @Override - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return null; - } - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - } }; - - private static void enableSslNoCheck() { - try { - SSLContext sc = SSLContext.getInstance("SSL"); - sc.init(null, trustAllCerts, new java.security.SecureRandom()); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - HostnameVerifier allHostsValid = new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; - // set the allTrusting verifier - HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); - } catch (KeyManagementException | NoSuchAlgorithmException e) { - logger.error("Error when disabling security on SSL", e); - } - } - private static String doHttpsQuery(URL url, String requestMethod, String payload, String contentType) throws IOException { logger.info("Using HTTPS URL to contact DCAE:" + url.toString());
@@ -157,7 +120,7 @@ public class DcaeHttpConnectionManager { } /** - * This method does a HTTP query to DCAE with parameters specified. + * This method does a HTTP/HTTPS query to DCAE with parameters specified. * * @param url * The string HTTP or HTTPS that mustr be used to connect 
@@ -173,33 +136,8 @@ public class DcaeHttpConnectionManager { */ public static String doDcaeHttpQuery(String url, String requestMethod, String payload, String contentType) throws IOException { - return doDcaeHttpQuery(url, requestMethod, payload, contentType, false); - } - - /** - * This method does a HTTP/HTTPS query to DCAE with parameters specified. - * - * @param url - * The string HTTP or HTTPS that mustr be used to connect - * @param requestMethod - * The Request Method (PUT, POST, GET, DELETE, etc ...) - * @param payload - * The payload if any, in that case an ouputstream is opened - * @param contentType - * The "application/json or application/xml, or whatever" - * @param withoutSecurity - * Disable or not the SSL security (certificate,hostname, etc...) - * @return The payload of the answer - * @throws IOException - * In case of issue with the streams - */ - public static String doDcaeHttpQuery(String url, String requestMethod, String payload, String contentType, - boolean withoutSecurity) throws IOException { URL urlObj = new URL(url); if (url.contains("https://")) { // Support for HTTPS - if (withoutSecurity) { - enableSslNoCheck(); - } return doHttpsQuery(urlObj, requestMethod, payload, contentType); } else { // Support for HTTP return doHttpQuery(urlObj, requestMethod, payload, contentType); -- cgit 1.2.3-korg
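Review bot: The scheme test `url.contains("https://")` in `doDcaeHttpQuery` matches the substring anywhere in the string, so an `http://` URL that carries `https://` in its path or query is handed to `doHttpsQuery`, while an upper-case `HTTPS://` URL falls through to the plain-HTTP branch. Since `urlObj` is already parsed, the branch can test the scheme itself: `if ("https".equalsIgnoreCase(urlObj.getProtocol())) {`. With the `withoutSecurity` overload removed, HTTPS calls rely on the JVM default trust store and hostname verifier, so the method's Javadoc should say that the DCAE certificate chain must be trusted there and that an `http://` URL is still sent without TLS. The commit message says the trust-all setup now lives in the unit test, which is not shown here; because the removed code installed JVM-wide `HttpsURLConnection` defaults, that test presumably needs to restore them once it finishes. The method body closes outside this hunk.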