2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.util;
23 import com.sun.jersey.api.client.Client;
24 import com.sun.jersey.api.client.config.ClientConfig;
25 import com.sun.jersey.api.client.config.DefaultClientConfig;
26 import com.sun.jersey.api.json.JSONConfiguration;
27 import com.sun.jersey.client.urlconnection.HTTPSProperties;
29 import java.io.FileInputStream;
30 import java.security.KeyStore;
32 import javax.net.ssl.HostnameVerifier;
33 import javax.net.ssl.HttpsURLConnection;
34 import javax.net.ssl.KeyManagerFactory;
35 import javax.net.ssl.SSLContext;
36 import javax.net.ssl.SSLSession;
37 import javax.net.ssl.TrustManagerFactory;
39 public class HttpsAuthExternalClient {
44 * @param keystoreFileName the keystore file name
45 * @param keystorePassword the keystore password
47 * @throws Exception the exception
49 public static Client getClient(String keystoreFileName, String keystorePassword) throws Exception {
51 ClientConfig config = new DefaultClientConfig();
52 config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
53 config.getClasses().add(org.onap.aai.restcore.CustomJacksonJaxBJsonProvider.class);
55 SSLContext ctx = null;
56 String truststore_path = AAIConstants.AAI_HOME_ETC_AUTH + AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_FILENAME);
57 try (FileInputStream tin = new FileInputStream(truststore_path)) {
58 String truststore_password = AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_PASSWD);
59 String keystore_path = AAIConstants.AAI_HOME_ETC_AUTH + keystoreFileName;
60 String keystore_password = keystorePassword;
61 // System.setProperty("javax.net.ssl.trustStore", truststore_path);
62 // System.setProperty("javax.net.ssl.trustStorePassword", truststore_password);
63 HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
64 public boolean verify(String string, SSLSession ssls) {
69 ctx = SSLContext.getInstance("TLS");
70 KeyManagerFactory kmf = null;
73 * kmf = KeyManagerFactory.getInstance("SunX509");
74 * FileInputStream fin = new FileInputStream(keystore_path);
75 * KeyStore ks = KeyStore.getInstance("PKCS12");
76 * char[] pwd = keystore_password.toCharArray();
81 String alg = TrustManagerFactory.getDefaultAlgorithm();
82 TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
84 KeyStore ts = KeyStore.getInstance("PKCS12");
85 char[] tpwd = truststore_password.toCharArray();
89 // ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
90 // Updating key manager to null, to disable two way SSL
91 ctx.init(null, tmf.getTrustManagers(), null);
93 config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
94 new HTTPSProperties(new HostnameVerifier() {
96 public boolean verify(String s, SSLSession sslSession) {
101 client = Client.create(config);
102 // uncomment this line to get more logging for the request/response
103 // client.addFilter(new LoggingFilter(System.out));
104 } catch (Exception e) {