ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLBasicAuthRestClientService.kt

   1 /*
   2  * Copyright © 2017-2019 AT&T, Bell Canada
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 package org.onap.ccsdk.cds.blueprintsprocessor.rest.service
  18
  19 import org.apache.http.conn.ssl.SSLConnectionSocketFactory
  20 import org.apache.http.impl.client.CloseableHttpClient
  21 import org.apache.http.impl.client.HttpClients
  22 import org.apache.http.ssl.SSLContextBuilder
  23 import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLBasicAuthRestClientProperties
  24 import org.onap.ccsdk.cds.blueprintsprocessor.rest.utils.WebClientUtils
  25 import org.springframework.http.HttpHeaders
  26 import org.springframework.http.MediaType
  27 import java.io.File
  28 import java.io.FileInputStream
  29 import java.security.KeyStore
  30 import java.security.cert.X509Certificate
  31
  32 class SSLBasicAuthRestClientService(private val restClientProperties: SSLBasicAuthRestClientProperties) :
  33     BlueprintWebClientService {
  34
  35     override fun defaultHeaders(): Map<String, String> {
  36         return mapOf(
  37                 HttpHeaders.CONTENT_TYPE to MediaType.APPLICATION_JSON_VALUE,
  38                 HttpHeaders.ACCEPT to MediaType.APPLICATION_JSON_VALUE)
  39     }
  40
  41     override fun host(uri: String): String {
  42         return restClientProperties.url + uri
  43     }
  44
  45     override fun httpClient(): CloseableHttpClient {
  46
  47         val keystoreInstance = restClientProperties.keyStoreInstance
  48         val sslKey = restClientProperties.sslKey
  49         val sslKeyPwd = restClientProperties.sslKeyPassword
  50         val sslTrust = restClientProperties.sslTrust
  51         val sslTrustPwd = restClientProperties.sslTrustPassword
  52
  53         val acceptingTrustStrategy = { chain: Array<X509Certificate>, authType: String -> true }
  54
  55         FileInputStream(sslKey).use { keyInput ->
  56             val keyStore = KeyStore.getInstance(keystoreInstance)
  57             keyStore.load(keyInput, sslKeyPwd.toCharArray())
  58
  59             val sslContext =
  60                 SSLContextBuilder.create()
  61                     .loadKeyMaterial(keyStore, sslKeyPwd.toCharArray())
  62                     .loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray(), acceptingTrustStrategy).build()
  63
  64             val csf = SSLConnectionSocketFactory(sslContext!!)
  65
  66             return HttpClients.custom()
  67                 .addInterceptorFirst(WebClientUtils.logRequest())
  68                 .addInterceptorLast(WebClientUtils.logResponse())
  69                 .setSSLSocketFactory(csf).build()
  70         }
  71     }
  72 }