diff options
Diffstat (limited to 'sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java')
-rw-r--r-- | sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java | 347 |
1 files changed, 75 insertions, 272 deletions
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java b/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java index 44f1295..14c9c7f 100644 --- a/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java +++ b/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpAsdcClient.java @@ -3,7 +3,7 @@ * sdc-distribution-client * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * Modifications copyright (C) 2019 Nokia. All rights reserved. + * Modifications copyright (C) 2020 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,273 +21,97 @@ package org.onap.sdc.http; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.net.ConnectException; -import java.net.UnknownHostException; -import java.security.KeyStore; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Base64; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; -import javax.net.ssl.X509TrustManager; - import org.apache.http.Header; import org.apache.http.HttpEntity; import org.apache.http.HttpStatus; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; -import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.entity.StringEntity; -import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.message.BasicHeader; -import org.apache.http.ssl.SSLContextBuilder; -import org.apache.http.ssl.TrustStrategy; import org.onap.sdc.api.consumer.IConfiguration; import org.onap.sdc.utils.Pair; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class HttpAsdcClient implements IHttpAsdcClient { +import java.io.IOException; +import java.net.ConnectException; +import java.net.UnknownHostException; +import java.nio.charset.StandardCharsets; +import java.util.HashMap; +import java.util.Map; - private static final String TLS = "TLSv1.2"; - private static final String AUTHORIZATION_HEADER = "Authorization"; - private static final String HTTPS = "https://"; - private static final String HTTP = "http://"; - public static final int AUTHORIZATION_SCOPE_PORT = 443; - public static final int AUTHORIZATION_SCOPE_PLAIN_PORT = 80; - private static Logger log = LoggerFactory.getLogger(HttpAsdcClient.class.getName()); - private CloseableHttpClient httpClient = null; - private String serverFqdn = null; - private String authHeaderValue = ""; - private Boolean use_ssl = true; +public class HttpAsdcClient implements IHttpAsdcClient { + private static final Logger log = LoggerFactory.getLogger(HttpAsdcClient.class.getName()); + private static final boolean ALWAYS_CLOSE_THE_REQUEST_CONNECTION = true; + private final CloseableHttpClient httpClient; + private final String httpSchema; + private final String serverFqdn; + private final HttpRequestFactory httpRequestFactory; + + /** + * Constructor + * + * @deprecated + * This constructor will be removed in the future. + * + * @param configuration Asdc client configuration + */ + @Deprecated public HttpAsdcClient(IConfiguration configuration) { - this.serverFqdn = configuration.getAsdcAddress(); - - String username = configuration.getUser(); - String password = configuration.getPassword(); - this.use_ssl = configuration.isUseHttpsWithSDC(); - if (this.use_ssl) { - initSSL(username, password, configuration.getKeyStorePath(), configuration.getKeyStorePassword(), configuration.activateServerTLSAuth()); - } else { - CredentialsProvider credsProvider = new BasicCredentialsProvider(); - credsProvider.setCredentials(new AuthScope("localhost", AUTHORIZATION_SCOPE_PLAIN_PORT), new UsernamePasswordCredentials(username, password)); - httpClient = HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).build(); - } - - String userNameAndPassword = username + ":" + password; - this.authHeaderValue = "Basic " + Base64.getEncoder().encodeToString(userNameAndPassword.getBytes()); + this(configuration.getAsdcAddress(), + new HttpClientFactory(configuration), + new HttpRequestFactory(configuration.getUser(), configuration.getPassword()) + ); } - // @SuppressWarnings("deprecation") - private void initSSL(String username, String password, String keyStorePath, String keyStoePass, boolean isSupportSSLVerification) { - - try { - HostnameVerifier hostnameVerifier = new HostnameVerifier() { - - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; - - // SSLContextBuilder is not thread safe - // @SuppressWarnings("deprecation") - CredentialsProvider credsProvider = new BasicCredentialsProvider(); - credsProvider.setCredentials(new AuthScope("localhost", AUTHORIZATION_SCOPE_PORT), new UsernamePasswordCredentials(username, password)); - SSLContext sslContext; - sslContext = SSLContext.getInstance(TLS); - TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - KeyStore trustStore = null; - tmf.init(trustStore); - TrustManager[] tms = tmf.getTrustManagers(); - if (isSupportSSLVerification) { - - if (keyStorePath != null && !keyStorePath.isEmpty()) { - // trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - // trustStore.load(new FileInputStream(keyStorePath), keyStoePass.toCharArray()); - - // Using null here initialises the TMF with the default trust store. - - // Get hold of the default trust manager - X509TrustManager defaultTm = null; - for (TrustManager tm : tmf.getTrustManagers()) { - if (tm instanceof X509TrustManager) { - defaultTm = (X509TrustManager) tm; - break; - } - } - - // Do the same with your trust store this time - // Adapt how you load the keystore to your needs - trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - trustStore.load(new FileInputStream(keyStorePath), keyStoePass.toCharArray()); - - tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - tmf.init(trustStore); - - // Get hold of the default trust manager - X509TrustManager myTm = null; - for (TrustManager tm : tmf.getTrustManagers()) { - if (tm instanceof X509TrustManager) { - myTm = (X509TrustManager) tm; - break; - } - } - - // Wrap it in your own class. - final X509TrustManager finalDefaultTm = defaultTm; - final X509TrustManager finalMyTm = myTm; - X509TrustManager customTm = new X509TrustManager() { - @Override - public X509Certificate[] getAcceptedIssuers() { - // If you're planning to use client-cert auth, - // merge results from "defaultTm" and "myTm". - return finalDefaultTm.getAcceptedIssuers(); - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) - throws CertificateException { - try { - finalMyTm.checkServerTrusted(chain, authType); - } catch (CertificateException e) { - // This will throw another CertificateException if this fails too. - finalDefaultTm.checkServerTrusted(chain, authType); - } - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) - throws CertificateException { - // If you're planning to use client-cert auth, - // do the same as checking the server. - finalDefaultTm.checkClientTrusted(chain, authType); - } - }; - - tms = new TrustManager[]{customTm}; - - } - - sslContext.init(null, tms, null); - SSLContext.setDefault(sslContext); - - - } else { - - SSLContextBuilder builder = new SSLContextBuilder(); - - builder.loadTrustMaterial(null, new TrustStrategy() { - public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { - return true; - } - }); - - sslContext = builder.build(); - } - - SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1.2"}, null, hostnameVerifier); - httpClient = HttpClientBuilder.create(). - setDefaultCredentialsProvider(credsProvider). - setSSLSocketFactory(sslsf). - build(); - - } catch (Exception e) { - log.error("Failed to create https client", e); - - } + public HttpAsdcClient(String asdcAddress, HttpClientFactory httpClientFactory, HttpRequestFactory httpRequestFactory) { + this.serverFqdn = asdcAddress; + this.httpRequestFactory = httpRequestFactory; - return; + Pair<String, CloseableHttpClient> httpClientPair = httpClientFactory.createInstance(); + this.httpSchema = httpClientPair.getFirst(); + this.httpClient = httpClientPair.getSecond(); } public HttpAsdcResponse postRequest(String requestUrl, HttpEntity entity, Map<String, String> headersMap) { - return postRequest(requestUrl, entity, headersMap, true).getFirst(); + return postRequest(requestUrl, entity, headersMap, ALWAYS_CLOSE_THE_REQUEST_CONNECTION).getFirst(); } public Pair<HttpAsdcResponse, CloseableHttpResponse> postRequest(String requestUrl, HttpEntity entity, Map<String, String> headersMap, boolean closeTheRequest) { Pair<HttpAsdcResponse, CloseableHttpResponse> ret; + final String url = resolveUrl(requestUrl); + log.debug("url to send {}", url); + HttpPost httpPost = httpRequestFactory.createHttpPostRequest(url, headersMap, entity); + CloseableHttpResponse httpResponse = null; HttpAsdcResponse response = null; - HttpPost httpPost = new HttpPost(getScheme() + serverFqdn + requestUrl); - List<Header> headers = addHeadersToHttpRequest(headersMap); - for (Header header : headers) { - httpPost.addHeader(header); - } - - httpPost.setHeader(AUTHORIZATION_HEADER, this.authHeaderValue); - - httpPost.setEntity(entity); try { httpResponse = httpClient.execute(httpPost); response = new HttpAsdcResponse(httpResponse.getStatusLine().getStatusCode(), httpResponse.getEntity()); - } catch (IOException e) { - log.error("failed to send request to url: " + requestUrl); - StringEntity errorEntity = null; - try { - errorEntity = new StringEntity("failed to send request"); - } catch (UnsupportedEncodingException e1) { - } - - response = new HttpAsdcResponse(HttpStatus.SC_INTERNAL_SERVER_ERROR, errorEntity); - + log.error("failed to send request to url: {}", requestUrl); + response = createHttpResponse(HttpStatus.SC_INTERNAL_SERVER_ERROR, "failed to send request"); } finally { - if (closeTheRequest) { - if (httpResponse != null) { - try { - httpResponse.close(); - - } catch (IOException e) { - log.error("failed to close http response"); - } - } - ret = new Pair<>(response, null); - } else { - ret = new Pair<>(response, httpResponse); - } + ret = finalizeHttpRequest(closeTheRequest, httpResponse, response); } return ret; } public HttpAsdcResponse getRequest(String requestUrl, Map<String, String> headersMap) { - - return getRequest(requestUrl, headersMap, true).getFirst(); - + return getRequest(requestUrl, headersMap, ALWAYS_CLOSE_THE_REQUEST_CONNECTION).getFirst(); } public Pair<HttpAsdcResponse, CloseableHttpResponse> getRequest(String requestUrl, Map<String, String> headersMap, boolean closeTheRequest) { Pair<HttpAsdcResponse, CloseableHttpResponse> ret; - CloseableHttpResponse httpResponse = null; - String url = getScheme() + serverFqdn + requestUrl; - log.debug("url to send {}", url); - HttpGet httpGet = new HttpGet(url); - List<Header> headers = addHeadersToHttpRequest(headersMap); - for (Header header : headers) { - httpGet.addHeader(header); - } - httpGet.setHeader(AUTHORIZATION_HEADER, this.authHeaderValue); + final String url = resolveUrl(requestUrl); + log.debug("url to send {}", url); + HttpGet httpGet = httpRequestFactory.createHttpGetRequest(url, headersMap); + CloseableHttpResponse httpResponse = null; HttpAsdcResponse response = null; try { httpResponse = httpClient.execute(httpGet); @@ -302,73 +126,52 @@ public class HttpAsdcClient implements IHttpAsdcClient { } catch (UnknownHostException | ConnectException e) { log.error("failed to connect to url: {}", requestUrl, e); - StringEntity errorEntity = null; - try { - errorEntity = new StringEntity("failed to connect"); - } catch (UnsupportedEncodingException e1) { - } - - response = new HttpAsdcResponse(HttpStatus.SC_BAD_GATEWAY, errorEntity); - + response = createHttpResponse(HttpStatus.SC_BAD_GATEWAY, "failed to connect"); } catch (IOException e) { - log.error("failed to send request to url: " + requestUrl + " error " + e.getMessage()); - StringEntity errorEntity = null; - try { - errorEntity = new StringEntity("failed to send request " + e.getMessage()); - } catch (UnsupportedEncodingException e1) { - } + log.error("failed to send request to url: {} error {}", requestUrl, e.getMessage()); + response = createHttpResponse(HttpStatus.SC_BAD_GATEWAY, "failed to send request " + e.getMessage()); + } finally { + ret = finalizeHttpRequest(closeTheRequest, httpResponse, response); + } - response = new HttpAsdcResponse(HttpStatus.SC_BAD_GATEWAY, errorEntity); + return ret; + } - } finally { + String getHttpSchema(){ + return this.httpSchema; + } - if (closeTheRequest) { - if (httpResponse != null) { - try { - httpResponse.close(); + private String resolveUrl(String requestUrl) { + return this.httpSchema + serverFqdn + requestUrl; + } - } catch (IOException e) { - log.error("failed to close http response"); - } + private Pair<HttpAsdcResponse, CloseableHttpResponse> finalizeHttpRequest(boolean closeTheRequest, CloseableHttpResponse httpResponse, HttpAsdcResponse response) { + Pair<HttpAsdcResponse, CloseableHttpResponse> ret; + if (closeTheRequest) { + if (httpResponse != null) { + try { + httpResponse.close(); + } catch (IOException e) { + log.error("failed to close http response"); } - ret = new Pair<HttpAsdcResponse, CloseableHttpResponse>(response, null); - } else { - ret = new Pair<HttpAsdcResponse, CloseableHttpResponse>(response, httpResponse); } + ret = new Pair<>(response, null); + } else { + ret = new Pair<>(response, httpResponse); } return ret; + } + static HttpAsdcResponse createHttpResponse(int httpStatusCode, String httpMessage) { + return new HttpAsdcResponse(httpStatusCode, new StringEntity(httpMessage, StandardCharsets.UTF_8)); } public void closeHttpClient() { try { httpClient.close(); } catch (IOException e) { - // TODO Auto-generated catch block log.error("failed to close http client"); } - } - - private List<Header> addHeadersToHttpRequest(Map<String, String> headersMap) { - - List<Header> requestHeaders = new ArrayList<Header>(); - - Set<String> headersKyes = headersMap.keySet(); - for (String key : headersKyes) { - Header requestHeader = new BasicHeader(key, headersMap.get(key)); - requestHeaders.add(requestHeader); - } - - return requestHeaders; - } - - private String getScheme() { - if (this.use_ssl) { - return HTTPS; - } - return HTTP; - } - } |