diff options
Diffstat (limited to 'common/src/main/java/org/openecomp/mso/client/policy/RestClientSSL.java')
-rw-r--r-- | common/src/main/java/org/openecomp/mso/client/policy/RestClientSSL.java | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/common/src/main/java/org/openecomp/mso/client/policy/RestClientSSL.java b/common/src/main/java/org/openecomp/mso/client/policy/RestClientSSL.java new file mode 100644 index 0000000000..921664588a --- /dev/null +++ b/common/src/main/java/org/openecomp/mso/client/policy/RestClientSSL.java @@ -0,0 +1,99 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP - SO + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.openecomp.mso.client.policy; + +import java.io.FileInputStream; +import java.net.URI; +import java.security.NoSuchAlgorithmException; +import java.security.KeyStore; +import java.util.Optional; +import java.util.UUID; + +import javax.net.ssl.SSLContext; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; + +import org.openecomp.mso.client.RestProperties; +import org.openecomp.mso.logger.MessageEnum; +import org.openecomp.mso.logger.MsoLogger; + +public abstract class RestClientSSL extends RestClient { + + public static final String SSL_KEY_STORE_KEY = "javax.net.ssl.keyStore"; + public static final String SSL_KEY_STORE_PASSWORD_KEY = "javax.net.ssl.keyStorePassword"; + public static final String MSO_LOAD_SSL_CLIENT_KEYSTORE_KEY = "mso.load.ssl.client.keystore"; + + + protected RestClientSSL(RestProperties props, UUID requestId, Optional<URI> path) { + super(props, requestId, path); + } + + protected RestClientSSL(RestProperties props, UUID requestId, Optional<URI> path, String accept, String contentType) { + super(props, requestId, path, accept, contentType); + } + + @Override + protected Client getClient() { + + Client client = null; + try { + String loadSSLKeyStore = System.getProperty(RestClientSSL.MSO_LOAD_SSL_CLIENT_KEYSTORE_KEY); + if(loadSSLKeyStore != null && loadSSLKeyStore.equalsIgnoreCase("true")) { + KeyStore ks = getKeyStore(); + if(ks != null) { + client = ClientBuilder.newBuilder().keyStore(ks, System.getProperty(RestClientSSL.SSL_KEY_STORE_PASSWORD_KEY)).build(); + this.msoLogger.debug("RestClientSSL not using default SSL context - setting keystore here."); + return client; + } + } + //Use default SSL context + client = ClientBuilder.newBuilder().sslContext(SSLContext.getDefault()).build(); + this.msoLogger.debug("RestClientSSL using default SSL context!"); + } catch (NoSuchAlgorithmException e) { + this.msoLogger.error(MessageEnum.APIH_GENERAL_EXCEPTION, "AAI", "Client init", MsoLogger.ErrorCode.UnknownError, "could not create SSL client", e); + throw new RuntimeException(e); + } + return client; + } + + private KeyStore getKeyStore() { + KeyStore ks = null; + char[] password = System.getProperty(RestClientSSL.SSL_KEY_STORE_PASSWORD_KEY).toCharArray(); + FileInputStream fis = null; + try { + ks = KeyStore.getInstance(KeyStore.getDefaultType()); + fis = new FileInputStream(System.getProperty(RestClientSSL.SSL_KEY_STORE_KEY)); + ks.load(fis, password); + } + catch(Exception e) { + return null; + } + finally { + if (fis != null) { + try { + fis.close(); + } + catch(Exception e) {} + } + } + return ks; + } +} |