authorIttay Stern <ittay.stern@att.com>2018-12-31 17:21:27 +0200
committerIttay Stern <ittay.stern@att.com>2019-01-09 20:19:55 +0200
commit6ad41e3ccd398a2721f41ad61c80b7bb03f7d127 (patch)
tree3bd672dff83e3218232cd8665680416b7fc26a5d /vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java
parent5ec29ff5e3864f1ba6ecac71f8bffbefa400cf27 (diff)
Merge from ECOMP's repository
Main Features -------------- - Async-Instantiation jobs mechanism major update; still WIP (package `org.onap.vid.job`) - New features in View/Edit: Activate fabric configuration; show related networks; soft delete - Support AAI service-tree traversal (`AAIServiceTree`) - In-memory cache for SDC models and certain A&AI queries (`CacheProviderWithLoadingCache`) - Upgrade TOSCA Parser and add parsing options; fix malformed TOSCA models - Resolve Cloud-Owner values for MSO - Pass X-ONAP headers to MSO Infrastructure -------------- - Remove codehaus' jackson mapper; use solely fasterxml 2.9.7 - Surefire invokes both TestNG and JUnit tests - Support Kotlin source files - AaiController2 which handles errors in a "Spring manner" - Inline generated-sources and remove jsonschema2pojo Quality -------- - Cumulative bug fixes (A&AI API, UI timeouts, and many more) - Many Sonar issues cleaned-up - Some unused classes removed - Minor changes in vid-automation project, allowing some API verification to run Hard Merges ------------ - HTTP Clients (MSO, A&AI, WebConfig, OutgoingRequestHeadersTest) - Moved `package org.onap.vid.controllers` to `controller`, without plural -- just to keep semantic sync with ECOMP. Reference commit in ECOMP: 3d1141625 Issue-ID: VID-378 Change-Id: I9c8d1e74caa41815891d441fc0760bb5f29c5788 Signed-off-by: Ittay Stern <ittay.stern@att.com>
Diffstat (limited to 'vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java')
-rw-r--r--vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java28
1 files changed, 22 insertions, 6 deletions
diff --git a/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java b/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java
index 15f81439b..489d2f1b6 100644
--- a/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java
+++ b/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java
@@ -22,11 +22,16 @@
package org.onap.vid.aai.util;
+import org.apache.http.conn.ssl.DefaultHostnameVerifier;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.client.HttpUrlConnectorProvider;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.vid.aai.exceptions.HttpClientBuilderException;
+import org.onap.vid.properties.Features;
+import org.togglz.core.manager.FeatureManager;
+import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
@@ -47,16 +52,19 @@ public class HttpsAuthClient {
private final SystemPropertyHelper systemPropertyHelper;
private final SSLContextProvider sslContextProvider;
- public HttpsAuthClient(String certFilePath, SystemPropertyHelper systemPropertyHelper, SSLContextProvider sslContextProvider) {
+ public HttpsAuthClient(String certFilePath, SystemPropertyHelper systemPropertyHelper, SSLContextProvider sslContextProvider, FeatureManager featureManager) {
this.certFilePath = certFilePath;
this.systemPropertyHelper = systemPropertyHelper;
this.sslContextProvider = sslContextProvider;
+ this.featureManager = featureManager;
}
private final String certFilePath;
+ FeatureManager featureManager;
+
/** The logger. */
- static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsAuthClient.class);
+ static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(org.onap.vid.aai.util.HttpsAuthClient.class);
/**
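Review bot: The new field `FeatureManager featureManager;` is package-private and non-final, unlike the `private final` fields beside it, even though it now decides whether TLS hostname verification is applied. Declaring it `private final FeatureManager featureManager;` would keep that decision fixed after construction. The constructor also stores the argument unchecked, so a null manager only surfaces later as a NullPointerException inside `getHostnameVerifier()`; `this.featureManager = Objects.requireNonNull(featureManager, "featureManager");` would reject it up front (needs `java.util.Objects` imported if it is not already). Separately, the logger line gains a fully qualified class name for no visible reason, and `HttpsAuthClient.class` reads better. The class body continues outside this hunk.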
@@ -70,7 +78,7 @@ public class HttpsAuthClient {
try {
setSystemProperties();
- ignoreHostname();
+ optionallyVerifyHostname();
return systemPropertyHelper.isClientCertEnabled() ?
getTrustedClient(config, getKeystorePath(), systemPropertyHelper.getDecryptedKeystorePassword(), mode)
@@ -83,8 +91,8 @@ public class HttpsAuthClient {
}
- private void ignoreHostname() {
- HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
+ private void optionallyVerifyHostname() {
+ HttpsURLConnection.setDefaultHostnameVerifier(getHostnameVerifier());
}
private Client getUntrustedClient(ClientConfig config) {
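Review bot: `optionallyVerifyHostname()` still writes the JVM-wide default through `HttpsURLConnection.setDefaultHostnameVerifier(...)`, so whatever `getHostnameVerifier()` returns applies to every `HttpsURLConnection` in the process, not only to this client's requests. With the feature flag off, the no-op verifier is reinstalled as the process default each time the client-building method in the previous hunk runs. Consider scoping the verifier to the client being built, as `getTrustedClient` does with `.hostnameVerifier(getHostnameVerifier())`, and dropping the static call. If it has to stay, a comment such as `// NOTE: process-wide setting; affects all HttpsURLConnection users in this JVM` would make the side effect visible. `getUntrustedClient` starts on the last line of the hunk and its body is outside it.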
@@ -94,12 +102,20 @@ public class HttpsAuthClient {
private Client getTrustedClient(ClientConfig config, String keystorePath, String keystorePassword, HttpClientMode httpClientMode) throws HttpClientBuilderException {
return ClientBuilder.newBuilder()
.sslContext(sslContextProvider.getSslContext(keystorePath, keystorePassword, httpClientMode))
- .hostnameVerifier((s, sslSession) -> true)
+ .hostnameVerifier(getHostnameVerifier())
.withConfig(config)
.build()
.register(CustomJacksonJaxBJsonProvider.class);
}
+ protected HostnameVerifier getHostnameVerifier() {
+ if(featureManager.isActive(Features.FLAG_EXP_USE_DEFAULT_HOST_NAME_VERIFIER)){
+ return new DefaultHostnameVerifier();
+ }
+
+ return new NoopHostnameVerifier();
+ }
+
private String getKeystorePath() {
return getCertificatesPath() + FileSystems.getDefault().getSeparator() + systemPropertyHelper.getAAIKeystoreFilename();
}
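Review bot: `getHostnameVerifier()` fails open: unless `Features.FLAG_EXP_USE_DEFAULT_HOST_NAME_VERIFIER` is active it returns `NoopHostnameVerifier`, so by default the certificate's name is never matched against the target host. The peer is then accepted on whatever trust the SSL context enforces, which lets any otherwise-trusted certificate stand in for the A&AI endpoint. I would make verification the default and the bypass an explicit, named opt-out. At minimum the fallback should be documented above the final return, e.g. `// Flag off: the certificate's hostname is NOT checked against the target host.`, and ideally logged once at warn level when it is selected. The method is `protected`, so a subclass can also override the decision; `private` or `final` would be safer if no override is intended.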