diff options
author | Ittay Stern <ittay.stern@att.com> | 2018-12-31 17:21:27 +0200 |
---|---|---|
committer | Ittay Stern <ittay.stern@att.com> | 2019-01-09 20:19:55 +0200 |
commit | 6ad41e3ccd398a2721f41ad61c80b7bb03f7d127 (patch) | |
tree | 3bd672dff83e3218232cd8665680416b7fc26a5d /vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java | |
parent | 5ec29ff5e3864f1ba6ecac71f8bffbefa400cf27 (diff) |
Merge from ECOMP's repository
Main Features
--------------
- Async-Instantiation jobs mechanism major update; still WIP (package
`org.onap.vid.job`)
- New features in View/Edit: Activate fabric configuration; show
related networks; soft delete
- Support AAI service-tree traversal (`AAIServiceTree`)
- In-memory cache for SDC models and certain A&AI queries
(`CacheProviderWithLoadingCache`)
- Upgrade TOSCA Parser and add parsing options; fix malformed TOSCA
models
- Resolve Cloud-Owner values for MSO
- Pass X-ONAP headers to MSO
Infrastructure
--------------
- Remove codehaus' jackson mapper; use soley fasterxml 2.9.7
- Surefire invokes both TestNG and JUnit tests
- Support Kotlin source files
- AaiController2 which handles errors in a "Spring manner"
- Inline generated-sources and remove jsonschema2pojo
Quality
--------
- Cumulative bug fixes (A&AI API, UI timeouts, and many more)
- Many Sonar issues cleaned-up
- Some unused classes removed
- Minor changes in vid-automation project, allowing some API
verification to run
Hard Merges
------------
- HTTP Clients (MSO, A&AI, WebConfig, OutgoingRequestHeadersTest)
- Moved `package org.onap.vid.controllers` to `controller`, without
plural -- just to keep semantic sync with ECOMP.
Reference commit in ECOMP: 3d1141625
Issue-ID: VID-378
Change-Id: I9c8d1e74caa41815891d441fc0760bb5f29c5788
Signed-off-by: Ittay Stern <ittay.stern@att.com>
Diffstat (limited to 'vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java')
-rw-r--r-- | vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java b/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java index 15f81439b..489d2f1b6 100644 --- a/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java +++ b/vid-app-common/src/main/java/org/onap/vid/aai/util/HttpsAuthClient.java @@ -22,11 +22,16 @@ package org.onap.vid.aai.util; +import org.apache.http.conn.ssl.DefaultHostnameVerifier; +import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.glassfish.jersey.client.ClientConfig; import org.glassfish.jersey.client.HttpUrlConnectorProvider; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.vid.aai.exceptions.HttpClientBuilderException; +import org.onap.vid.properties.Features; +import org.togglz.core.manager.FeatureManager; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.ws.rs.client.Client; import javax.ws.rs.client.ClientBuilder; @@ -47,16 +52,19 @@ public class HttpsAuthClient { private final SystemPropertyHelper systemPropertyHelper; private final SSLContextProvider sslContextProvider; - public HttpsAuthClient(String certFilePath, SystemPropertyHelper systemPropertyHelper, SSLContextProvider sslContextProvider) { + public HttpsAuthClient(String certFilePath, SystemPropertyHelper systemPropertyHelper, SSLContextProvider sslContextProvider, FeatureManager featureManager) { this.certFilePath = certFilePath; this.systemPropertyHelper = systemPropertyHelper; this.sslContextProvider = sslContextProvider; + this.featureManager = featureManager; } private final String certFilePath; + FeatureManager featureManager; + /** The logger. */ - static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsAuthClient.class); + static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(org.onap.vid.aai.util.HttpsAuthClient.class); /** @@ -70,7 +78,7 @@ public class HttpsAuthClient { try { setSystemProperties(); - ignoreHostname(); + optionallyVerifyHostname(); return systemPropertyHelper.isClientCertEnabled() ? getTrustedClient(config, getKeystorePath(), systemPropertyHelper.getDecryptedKeystorePassword(), mode) @@ -83,8 +91,8 @@ public class HttpsAuthClient { } - private void ignoreHostname() { - HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true); + private void optionallyVerifyHostname() { + HttpsURLConnection.setDefaultHostnameVerifier(getHostnameVerifier()); } private Client getUntrustedClient(ClientConfig config) { @@ -94,12 +102,20 @@ public class HttpsAuthClient { private Client getTrustedClient(ClientConfig config, String keystorePath, String keystorePassword, HttpClientMode httpClientMode) throws HttpClientBuilderException { return ClientBuilder.newBuilder() .sslContext(sslContextProvider.getSslContext(keystorePath, keystorePassword, httpClientMode)) - .hostnameVerifier((s, sslSession) -> true) + .hostnameVerifier(getHostnameVerifier()) .withConfig(config) .build() .register(CustomJacksonJaxBJsonProvider.class); } + protected HostnameVerifier getHostnameVerifier() { + if(featureManager.isActive(Features.FLAG_EXP_USE_DEFAULT_HOST_NAME_VERIFIER)){ + return new DefaultHostnameVerifier(); + } + + return new NoopHostnameVerifier(); + } + private String getKeystorePath() { return getCertificatesPath() + FileSystems.getDefault().getSeparator() + systemPropertyHelper.getAAIKeystoreFilename(); } |