2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2018 European Software Marketing Ltd.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.aaf.cadi.sidecar.fproxy;
22 import java.io.IOException;
23 import java.security.GeneralSecurityException;
24 import javax.net.ssl.SSLContext;
25 import org.apache.http.conn.ssl.NoopHostnameVerifier;
26 import org.apache.http.impl.client.HttpClientBuilder;
27 import org.apache.http.impl.client.HttpClients;
28 import org.apache.http.ssl.SSLContextBuilder;
29 import org.eclipse.jetty.util.security.Password;
30 import org.springframework.beans.factory.annotation.Value;
31 import org.springframework.boot.web.client.RestTemplateBuilder;
32 import org.springframework.context.annotation.Bean;
33 import org.springframework.context.annotation.Configuration;
34 import org.springframework.context.annotation.Profile;
35 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
36 import org.springframework.util.ResourceUtils;
37 import org.springframework.web.client.RestTemplate;
40 public class RestTemplateConfig {
42 @Value("${server.ssl.client-cert}")
43 private String clientCertPath;
45 @Value("${server.ssl.client-cert-password}")
46 private String clientCertPassword;
48 @Value("${server.ssl.trust-store}")
49 private String trustStorePath;
51 @Value("${server.ssl.trust-store-password}")
52 private String trustStorePassword;
56 public RestTemplate restTemplate(RestTemplateBuilder builder) throws GeneralSecurityException, IOException {
57 return new RestTemplate(new HttpComponentsClientHttpRequestFactory(getClientBuilder().build()));
60 @Profile("noHostVerification")
62 public RestTemplate restTemplateNoHostVerification(RestTemplateBuilder builder)
63 throws GeneralSecurityException, IOException {
64 return new RestTemplate(new HttpComponentsClientHttpRequestFactory(
65 getClientBuilder().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).build()));
68 private HttpClientBuilder getClientBuilder() throws GeneralSecurityException, IOException {
69 char[] clientPassword = Password.deobfuscate(clientCertPassword).toCharArray();
71 SSLContext sslContext = SSLContextBuilder.create()
72 .loadKeyMaterial(ResourceUtils.getFile(clientCertPath), clientPassword, clientPassword)
73 .loadTrustMaterial(ResourceUtils.getFile(trustStorePath), trustStorePassword.toCharArray()).build();
75 return HttpClients.custom().setSSLContext(sslContext);