2 * ============LICENSE_START=======================================================
3 * Copyright (C) 2019 Ericsson. All rights reserved.
4 * ================================================================================
5 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this
6 * file except in compliance with the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software distributed under the License
11 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12 * or implied. See the License for the specific language governing permissions and limitations under
15 * SPDX-License-Identifier: Apache-2.0
16 * ============LICENSE_END=========================================================
19 package org.onap.appc.util;
21 import java.io.IOException;
22 import java.net.Socket;
23 import java.security.KeyManagementException;
24 import java.security.KeyStore;
25 import java.security.KeyStoreException;
26 import java.security.NoSuchAlgorithmException;
27 import java.security.UnrecoverableKeyException;
28 import java.security.cert.CertificateException;
29 import java.security.cert.X509Certificate;
30 import javax.net.ssl.SSLContext;
31 import javax.net.ssl.TrustManager;
32 import javax.net.ssl.X509TrustManager;
33 import org.apache.http.HttpVersion;
34 import org.apache.http.conn.ClientConnectionManager;
35 import org.apache.http.conn.scheme.PlainSocketFactory;
36 import org.apache.http.conn.scheme.Scheme;
37 import org.apache.http.conn.scheme.SchemeRegistry;
38 import org.apache.http.conn.ssl.SSLSocketFactory;
39 import org.apache.http.impl.client.CloseableHttpClient;
40 import org.apache.http.impl.client.DefaultHttpClient;
41 import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
42 import org.apache.http.params.BasicHttpParams;
43 import org.apache.http.params.HttpParams;
44 import org.apache.http.params.HttpProtocolParams;
45 import org.apache.http.protocol.HTTP;
46 import org.onap.appc.exceptions.APPCException;
47 import com.att.eelf.configuration.EELFLogger;
48 import com.att.eelf.configuration.EELFManager;
50 @SuppressWarnings("deprecation")
51 public class HttpClientUtil {
// Class-wide logger; used below for the HTTPS-client fallback error and for the trust-manager debug traces.
53 private static final EELFLogger LOG = EELFManager.getInstance().getLogger(HttpClientUtil.class);
// Scheme names passed to Scheme(...) when createHttpsClient() fills its SchemeRegistry.
54 private static final String OPERATION_HTTPS = "https";
55 private static final String OPERATION_HTTP = "http";
/**
 * Returns an HTTP client selected by {@code protocol}.
 *
 * <p>Three outcomes are visible: the client built by {@code createHttpsClient()}, a stock
 * {@code DefaultHttpClient}, or an {@code APPCException}. The statements that choose between
 * them (source lines 58-59, 61 and 63) are not part of this listing.
 * NOTE(review): presumably "https" selects the first and "http" the second - confirm against
 * the complete file.
 *
 * @param protocol scheme name used to pick the client
 * @return a newly created client
 * @throws APPCException when neither client is selected
 */
57 public static CloseableHttpClient getHttpClient(String protocol) throws APPCException {
// Security: the client returned here accepts any server certificate and any hostname
// (createHttpsClient() installs an accept-all trust manager and ALLOW_ALL_HOSTNAME_VERIFIER),
// so callers get encryption without server authentication.
60 return createHttpsClient();
// Library-default client, no custom scheme registry or parameters.
62 return new DefaultHttpClient();
64 throw new APPCException("The url did not start with http[s]");
/**
 * Builds a client over a thread-safe connection manager whose scheme registry routes traffic
 * through {@code MySSLSocketFactory}.
 *
 * <p>Security: server identity is not verified on these connections. The socket factory's
 * trust manager accepts every certificate chain and the hostname verifier is set to
 * ALLOW_ALL, so a party on the network path can present its own certificate and read or
 * alter the traffic. If the peers have certificates issued by a known CA, prefer a trust
 * store holding that CA together with a strict hostname verifier.
 *
 * @return the configured client, or a library-default {@code DefaultHttpClient} if any step
 *         of the setup throws
 */
69 private static CloseableHttpClient createHttpsClient() {
// KeyStore.load(null, null) initialises an empty in-memory store: it contains no trusted certificates.
71 KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
72 trustStore.load(null, null);
73 MySSLSocketFactory sf = new MySSLSocketFactory(trustStore);
// Security: disables the check that the certificate's subject matches the host being contacted.
74 sf.setHostnameVerifier(MySSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
// Protocol parameters: HTTP/1.1 with UTF-8 as the content charset.
76 HttpParams params = new BasicHttpParams();
77 HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
78 HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
// NOTE(review): SchemeRegistry keys its entries by scheme name, so a later register() call for
// the same name replaces the earlier one. If so, only the last "https" (default port 8443) and
// the last "http" (default port 8181, bound to the SSL factory rather than PlainSocketFactory)
// entries remain in effect - confirm this is what was intended.
80 SchemeRegistry registry = new SchemeRegistry();
81 registry.register(new Scheme(OPERATION_HTTP, PlainSocketFactory.getSocketFactory(), 80));
82 registry.register(new Scheme(OPERATION_HTTPS, sf, 443));
83 registry.register(new Scheme(OPERATION_HTTPS, sf, 8443));
84 registry.register(new Scheme(OPERATION_HTTP, sf, 8181));
86 ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
87 return new DefaultHttpClient(ccm, params);
// Any failure above is logged and replaced by a library-default client. The caller cannot tell
// which configuration it received, so TLS behaviour may differ silently between the two paths.
88 } catch (Exception e) {
89 LOG.error("Error creating HTTPs Client. Creating default client.", e);
90 return new DefaultHttpClient();
/**
 * Socket factory backed by an {@code SSLContext} that is initialised with a trust manager
 * which accepts every certificate chain.
 *
 * <p>Security: sockets created here are encrypted but the peer is never authenticated.
 */
94 private static class MySSLSocketFactory extends SSLSocketFactory {
// Created in the field initialiser; the NoSuchAlgorithmException it can raise is declared on the constructor.
95 private SSLContext sslContext = SSLContext.getInstance("TLS");
// Source lines 99-100 are not part of this listing.
// NOTE(review): presumably they hold the super(truststore) call - confirm.
97 private MySSLSocketFactory(KeyStore truststore)
98 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
101 TrustManager tm = new X509TrustManager() {
// Only logs and never throws CertificateException, so every client chain is treated as trusted.
103 public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
104 LOG.debug("Inside checkClientTrusted");
// Only logs and never throws CertificateException, so every server chain is treated as trusted:
// expired, self-signed and mismatched certificates all pass. The acceptance is recorded at
// debug level only and the log line does not identify the certificate.
108 public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
109 LOG.debug("Inside checkServerTrusted");
// Returns a one-element array whose single element is null.
// NOTE(review): the X509TrustManager contract describes an array of issuer certificates;
// a null element may trip code that iterates the result - an empty array looks safer.
113 public X509Certificate[] getAcceptedIssuers() {
114 return new X509Certificate[1];
// No key managers (first argument null), the accept-all trust manager above, default SecureRandom (third argument null).
118 sslContext.init(null, new TrustManager[] {tm}, null);
// Both createSocket variants delegate to the accept-all context's own socket factory.
122 public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
123 return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
127 public Socket createSocket() throws IOException {
128 return sslContext.getSocketFactory().createSocket();