aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java

   1 /**
   2  * ============LICENSE_START=======================================================
   3  * org.onap.aai
   4  * ================================================================================
   5  * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *    http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20 package org.onap.aai.util;
  21
  22 import java.io.FileInputStream;
  23 import java.security.KeyStore;
  24
  25 import javax.net.ssl.HostnameVerifier;
  26 import javax.net.ssl.HttpsURLConnection;
  27 import javax.net.ssl.KeyManagerFactory;
  28 import javax.net.ssl.TrustManagerFactory;
  29 import javax.net.ssl.SSLContext;
  30 import javax.net.ssl.SSLSession;
  31
  32 import com.sun.jersey.api.client.Client;
  33 import com.sun.jersey.api.client.config.ClientConfig;
  34 import com.sun.jersey.api.client.config.DefaultClientConfig;
  35 import com.sun.jersey.api.json.JSONConfiguration;
  36 import com.sun.jersey.client.urlconnection.HTTPSProperties;
  37
  38 public class HttpsAuthExternalClient {
  39
  40
  41         /**
  42          * Gets the client.
  43          *
  44          * @param keystoreFileName the keystore file name
  45          * @param keystorePassword the keystore password
  46          * @return the client
  47          * @throws Exception the exception
  48          */
  49         public static Client getClient ( String keystoreFileName, String keystorePassword ) throws Exception {
  50
  51                 ClientConfig config = new DefaultClientConfig();
  52                 config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
  53                 config.getClasses().add(org.onap.aai.restcore.CustomJacksonJaxBJsonProvider.class);
  54                 Client client = null;
  55                 SSLContext ctx = null;
  56                 String truststore_path = AAIConstants.AAI_HOME_ETC_AUTH + AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_FILENAME);
  57                 try(FileInputStream tin = new FileInputStream(truststore_path)) {
  58                         String truststore_password = AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_PASSWD);
  59                         String keystore_path = AAIConstants.AAI_HOME_ETC_AUTH + keystoreFileName;
  60                         String keystore_password = keystorePassword;
  61                     //System.setProperty("javax.net.ssl.trustStore", truststore_path);
  62                     //System.setProperty("javax.net.ssl.trustStorePassword", truststore_password);
  63                         HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
  64                             public boolean verify(String string,SSLSession ssls) {
  65                                 return true;
  66                             }
  67                         });
  68
  69                         ctx = SSLContext.getInstance("TLS");
  70                         KeyManagerFactory kmf = null;
  71
  72
  73                         /**** kmf = KeyManagerFactory.getInstance("SunX509");
  74                         FileInputStream fin = new FileInputStream(keystore_path);
  75                         KeyStore ks = KeyStore.getInstance("PKCS12");
  76                         char[] pwd = keystore_password.toCharArray();
  77                         ks.load(fin, pwd);
  78                         kmf.init(ks, pwd);
  79                         ***/
  80
  81                         String alg = TrustManagerFactory.getDefaultAlgorithm();
  82                         TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
  83
  84                         KeyStore ts = KeyStore.getInstance("PKCS12");
  85                         char[] tpwd = truststore_password.toCharArray();
  86                         ts.load(tin, tpwd);
  87                         tmf.init(ts);
  88
  89                         //ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
  90                         // Updating key manager to null, to disable two way SSL
  91                         ctx.init(null, tmf.getTrustManagers(), null);
  92
  93                         config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
  94                                                                         new HTTPSProperties( new HostnameVerifier() {
  95                                 @Override
  96                                 public boolean verify( String s, SSLSession sslSession ) {
  97                                         return true;
  98                                 }
  99                         }, ctx));
 100
 101                         client = Client.create(config);
 102                         // uncomment this line to get more logging for the request/response
 103                         // client.addFilter(new LoggingFilter(System.out));
 104                 } catch (Exception e) {
 105                         throw e;
 106                 }
 107                 return client;
 108         }
 109
 110 }