certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java

   1 /*============LICENSE_START=======================================================
   2  * oom-certservice-client
   3  * ================================================================================
   4  * Copyright (C) 2020 Nokia. All rights reserved.
   5  * ================================================================================
   6  * Licensed under the Apache License, Version 2.0 (the "License");
   7  * you may not use this file except in compliance with the License.
   8  * You may obtain a copy of the License at
   9  *
  10  *      http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  * Unless required by applicable law or agreed to in writing, software
  13  * distributed under the License is distributed on an "AS IS" BASIS,
  14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  * See the License for the specific language governing permissions and
  16  * limitations under the License.
  17  * ============LICENSE_END=========================================================
  18  */
  19
  20 package org.onap.oom.certservice.client;
  21
  22 import static org.onap.oom.certservice.client.api.ExitStatus.SUCCESS;
  23 import static org.onap.oom.certservice.client.certification.EncryptionAlgorithmConstants.KEY_SIZE;
  24 import static org.onap.oom.certservice.client.certification.EncryptionAlgorithmConstants.RSA_ENCRYPTION_ALGORITHM;
  25
  26 import java.security.KeyPair;
  27 import javax.net.ssl.SSLContext;
  28 import org.onap.oom.certservice.client.api.ExitStatus;
  29 import org.onap.oom.certservice.client.api.ExitableException;
  30 import org.onap.oom.certservice.client.certification.ArtifactsCreatorProvider;
  31 import org.onap.oom.certservice.client.certification.CsrFactory;
  32 import org.onap.oom.certservice.client.certification.KeyPairFactory;
  33 import org.onap.oom.certservice.client.certification.PrivateKeyToPemEncoder;
  34 import org.onap.oom.certservice.client.common.Base64Encoder;
  35 import org.onap.oom.certservice.client.configuration.EnvsForClient;
  36 import org.onap.oom.certservice.client.configuration.EnvsForCsr;
  37 import org.onap.oom.certservice.client.configuration.EnvsForTls;
  38 import org.onap.oom.certservice.client.configuration.factory.ClientConfigurationFactory;
  39 import org.onap.oom.certservice.client.configuration.factory.CsrConfigurationFactory;
  40 import org.onap.oom.certservice.client.configuration.factory.SanMapper;
  41 import org.onap.oom.certservice.client.configuration.factory.SslContextFactory;
  42 import org.onap.oom.certservice.client.configuration.model.ClientConfiguration;
  43 import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
  44 import org.onap.oom.certservice.client.configuration.validation.client.OutputTypeValidator;
  45 import org.onap.oom.certservice.client.configuration.validation.csr.CommonNameValidator;
  46 import org.onap.oom.certservice.client.httpclient.CloseableHttpsClientProvider;
  47 import org.onap.oom.certservice.client.httpclient.HttpClient;
  48 import org.onap.oom.certservice.client.httpclient.model.CertServiceResponse;
  49 import org.slf4j.Logger;
  50 import org.slf4j.LoggerFactory;
  51
  52 public class CertServiceClient {
  53
  54     private static final Logger LOGGER = LoggerFactory.getLogger(CertServiceClient.class);
  55
  56     private AppExitHandler appExitHandler;
  57
  58     public CertServiceClient(AppExitHandler appExitHandler) {
  59         this.appExitHandler = appExitHandler;
  60     }
  61
  62     public void run() {
  63         KeyPairFactory keyPairFactory = new KeyPairFactory(RSA_ENCRYPTION_ALGORITHM, KEY_SIZE);
  64         PrivateKeyToPemEncoder pkEncoder = new PrivateKeyToPemEncoder();
  65         Base64Encoder base64Encoder = new Base64Encoder();
  66         try {
  67             ClientConfiguration clientConfiguration = new ClientConfigurationFactory(new EnvsForClient(),
  68                 new OutputTypeValidator()).create();
  69             CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr(), new CommonNameValidator(),
  70                 new SanMapper()).create();
  71             KeyPair keyPair = keyPairFactory.create();
  72             CsrFactory csrFactory = new CsrFactory(csrConfiguration);
  73             SSLContext sslContext = new SslContextFactory(new EnvsForTls()).create();
  74
  75             CloseableHttpsClientProvider provider = new CloseableHttpsClientProvider(
  76                 sslContext, clientConfiguration.getRequestTimeoutInMs());
  77             HttpClient httpClient = new HttpClient(provider, clientConfiguration.getUrlToCertService());
  78
  79             CertServiceResponse certServiceData =
  80                 httpClient.retrieveCertServiceData(
  81                     clientConfiguration.getCaName(),
  82                     base64Encoder.encode(csrFactory.createCsrInPem(keyPair)),
  83                     base64Encoder.encode(pkEncoder.encodePrivateKeyToPem(keyPair.getPrivate())));
  84
  85             ArtifactsCreatorProvider
  86                 .get(clientConfiguration.getOutputType(),
  87                     clientConfiguration.getCertsOutputPath())
  88                 .create(certServiceData.getCertificateChain(),
  89                     certServiceData.getTrustedCertificates(),
  90                     keyPair.getPrivate());
  91
  92         } catch (ExitableException e) {
  93             LOGGER.error("Cert Service Client fails in execution: ", e);
  94             appExitHandler.exit(e.applicationExitStatus());
  95         } catch (Exception e) {
  96             LOGGER.error("Application failed (unexpected error): ", e);
  97             appExitHandler.exit(ExitStatus.UNEXPECTED_EXCEPTION);
  98         }
  99         appExitHandler.exit(SUCCESS);
 100     }
 101 }