so-etsi-nfvo/so-etsi-nfvo-ns-lcm/so-etsi-nfvo-ns-lcm-bpmn-flows/src/main/java/org/onap/so/etsi/nfvo/ns/lcm/bpmn/flows/extclients/etsicatalog/EtsiCatalogServiceProviderConfiguration.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  *  Copyright (C) 2020 Nordix Foundation.
   4  * ================================================================================
   5  * Licensed under the Apache License, Version 2.0 (the "License");
   6  * you may not use this file except in compliance with the License.
   7  * You may obtain a copy of the License at
   8  *
   9  *      http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  * Unless required by applicable law or agreed to in writing, software
  12  * distributed under the License is distributed on an "AS IS" BASIS,
  13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  * See the License for the specific language governing permissions and
  15  * limitations under the License.
  16  *
  17  * SPDX-License-Identifier: Apache-2.0
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.so.etsi.nfvo.ns.lcm.bpmn.flows.extclients.etsicatalog;
  22
  23 import java.io.IOException;
  24 import java.security.KeyManagementException;
  25 import java.security.KeyStoreException;
  26 import java.security.NoSuchAlgorithmException;
  27 import java.security.cert.CertificateException;
  28 import java.util.Iterator;
  29 import java.util.concurrent.TimeUnit;
  30 import javax.net.ssl.HostnameVerifier;
  31 import javax.net.ssl.SSLContext;
  32 import javax.net.ssl.SSLSession;
  33 import org.apache.http.client.config.RequestConfig;
  34 import org.apache.http.config.Registry;
  35 import org.apache.http.config.RegistryBuilder;
  36 import org.apache.http.conn.socket.ConnectionSocketFactory;
  37 import org.apache.http.conn.socket.PlainConnectionSocketFactory;
  38 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
  39 import org.apache.http.impl.client.HttpClientBuilder;
  40 import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
  41 import org.apache.http.ssl.SSLContextBuilder;
  42 import org.onap.logging.filter.spring.SpringClientPayloadFilter;
  43 import org.onap.so.configuration.rest.BasicHttpHeadersProvider;
  44 import org.onap.so.configuration.rest.HttpClientConnectionConfiguration;
  45 import org.onap.so.etsi.nfvo.ns.lcm.bpmn.flows.GsonProvider;
  46 import org.onap.so.logging.jaxrs.filter.SOSpringClientFilter;
  47 import org.onap.so.rest.service.HttpRestServiceProvider;
  48 import org.onap.so.rest.service.HttpRestServiceProviderImpl;
  49 import org.slf4j.Logger;
  50 import org.slf4j.LoggerFactory;
  51 import org.springframework.beans.factory.annotation.Autowired;
  52 import org.springframework.beans.factory.annotation.Qualifier;
  53 import org.springframework.beans.factory.annotation.Value;
  54 import org.springframework.context.annotation.Bean;
  55 import org.springframework.context.annotation.Configuration;
  56 import org.springframework.core.io.Resource;
  57 import org.springframework.http.client.BufferingClientHttpRequestFactory;
  58 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
  59 import org.springframework.http.converter.HttpMessageConverter;
  60 import org.springframework.http.converter.json.GsonHttpMessageConverter;
  61 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
  62 import org.springframework.web.client.RestTemplate;
  63
  64 /**
  65  * Configures the HttpRestServiceProvider to make REST calls to the ETSI Catalog Manager
  66  *
  67  * @author gareth.roper@est.tech
  68  */
  69
  70 @Configuration
  71 public class EtsiCatalogServiceProviderConfiguration {
  72     private static final Logger LOGGER = LoggerFactory.getLogger(EtsiCatalogServiceProviderConfiguration.class);
  73
  74     public static final String ETSI_CATALOG_SERVICE_PROVIDER_BEAN = "etsiCatalogServiceProvider";
  75
  76     public static final String ETSI_CATALOG_REST_TEMPLATE_BEAN = "etsiCatalogRestTemplate";
  77
  78     private final HttpClientConnectionConfiguration clientConnectionConfiguration;
  79
  80     @Value("${etsi-catalog-manager.http.client.ssl.trust-store:#{null}}")
  81     private Resource trustStore;
  82     @Value("${etsi-catalog-manager.http.client.ssl.trust-store-password:#{null}}")
  83     private String trustStorePassword;
  84
  85     private final GsonProvider gsonProvider;
  86
  87     @Autowired
  88     public EtsiCatalogServiceProviderConfiguration(
  89             final HttpClientConnectionConfiguration clientConnectionConfiguration, final GsonProvider gsonProvider) {
  90         this.clientConnectionConfiguration = clientConnectionConfiguration;
  91         this.gsonProvider = gsonProvider;
  92     }
  93
  94     @Bean
  95     @Qualifier(ETSI_CATALOG_REST_TEMPLATE_BEAN)
  96     public RestTemplate etsiCatalogRestTemplate() {
  97         final RestTemplate restTemplate = new RestTemplate();
  98         restTemplate.getInterceptors().add(new SOSpringClientFilter());
  99         restTemplate.getInterceptors().add((new SpringClientPayloadFilter()));
 100         return restTemplate;
 101     }
 102
 103     @Bean
 104     @Qualifier(ETSI_CATALOG_SERVICE_PROVIDER_BEAN)
 105     public HttpRestServiceProvider etsiCatalogHttpRestServiceProvider(
 106             @Qualifier(ETSI_CATALOG_REST_TEMPLATE_BEAN) final RestTemplate restTemplate) {
 107         setGsonMessageConverter(restTemplate);
 108
 109         final HttpClientBuilder httpClientBuilder = getHttpClientBuilder();
 110         if (trustStore != null) {
 111             try {
 112                 LOGGER.debug("Setting up HttpComponentsClientHttpRequestFactory with SSL Context");
 113                 LOGGER.debug("Setting client trust-store: {}", trustStore.getURL());
 114                 LOGGER.debug("Creating SSLConnectionSocketFactory with AllowAllHostsVerifier ... ");
 115                 final SSLContext sslContext = new SSLContextBuilder()
 116                         .loadTrustMaterial(trustStore.getURL(), trustStorePassword.toCharArray()).build();
 117                 final SSLConnectionSocketFactory sslConnectionSocketFactory =
 118                         new SSLConnectionSocketFactory(sslContext, AllowAllHostsVerifier.INSTANCE);
 119                 httpClientBuilder.setSSLSocketFactory(sslConnectionSocketFactory);
 120                 final Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder
 121                         .<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE)
 122                         .register("https", sslConnectionSocketFactory).build();
 123
 124                 httpClientBuilder.setConnectionManager(getConnectionManager(socketFactoryRegistry));
 125             } catch (final KeyManagementException | NoSuchAlgorithmException | KeyStoreException | CertificateException
 126                     | IOException exception) {
 127                 LOGGER.error("Error reading truststore, TLS connection will fail.", exception);
 128             }
 129
 130         } else {
 131             LOGGER.debug("Setting connection manager without SSL ConnectionSocketFactory ...");
 132             httpClientBuilder.setConnectionManager(getConnectionManager());
 133         }
 134
 135         final HttpComponentsClientHttpRequestFactory factory =
 136                 new HttpComponentsClientHttpRequestFactory(httpClientBuilder.build());
 137         restTemplate.setRequestFactory(new BufferingClientHttpRequestFactory(factory));
 138
 139         return new HttpRestServiceProviderImpl(restTemplate, new BasicHttpHeadersProvider().getHttpHeaders());
 140     }
 141
 142     private PoolingHttpClientConnectionManager getConnectionManager(
 143             final Registry<ConnectionSocketFactory> socketFactoryRegistry) {
 144         return new PoolingHttpClientConnectionManager(socketFactoryRegistry, null, null, null,
 145                 clientConnectionConfiguration.getTimeToLiveInMins(), TimeUnit.MINUTES);
 146     }
 147
 148     private PoolingHttpClientConnectionManager getConnectionManager() {
 149         return new PoolingHttpClientConnectionManager(clientConnectionConfiguration.getTimeToLiveInMins(),
 150                 TimeUnit.MINUTES);
 151     }
 152
 153     private HttpClientBuilder getHttpClientBuilder() {
 154         return HttpClientBuilder.create().setMaxConnPerRoute(clientConnectionConfiguration.getMaxConnectionsPerRoute())
 155                 .setMaxConnTotal(clientConnectionConfiguration.getMaxConnections())
 156                 .setDefaultRequestConfig(getRequestConfig());
 157     }
 158
 159     private RequestConfig getRequestConfig() {
 160         return RequestConfig.custom().setSocketTimeout(clientConnectionConfiguration.getSocketTimeOutInMiliSeconds())
 161                 .setConnectTimeout(clientConnectionConfiguration.getConnectionTimeOutInMilliSeconds()).build();
 162     }
 163
 164     private static final class AllowAllHostsVerifier implements HostnameVerifier {
 165
 166         private static final AllowAllHostsVerifier INSTANCE = new AllowAllHostsVerifier();
 167
 168         @Override
 169         public boolean verify(final String hostname, final SSLSession session) {
 170             LOGGER.debug("Skipping hostname verification ...");
 171             return true;
 172         }
 173
 174     }
 175
 176     public void setGsonMessageConverter(final RestTemplate restTemplate) {
 177         final Iterator<HttpMessageConverter<?>> iterator = restTemplate.getMessageConverters().iterator();
 178         while (iterator.hasNext()) {
 179             if (iterator.next() instanceof MappingJackson2HttpMessageConverter) {
 180                 iterator.remove();
 181             }
 182         }
 183         restTemplate.getMessageConverters().add(new GsonHttpMessageConverter(gsonProvider.getGson()));
 184     }
 185
 186
 187
 188 }