2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
23 package org.onap.aai.sparky.dal.rest;
25 import com.sun.jersey.api.client.Client;
26 import com.sun.jersey.api.client.config.ClientConfig;
27 import com.sun.jersey.api.client.config.DefaultClientConfig;
28 import com.sun.jersey.client.urlconnection.HTTPSProperties;
30 import javax.net.ssl.HostnameVerifier;
31 import javax.net.ssl.SSLContext;
32 import javax.net.ssl.SSLSession;
34 import org.onap.aai.sparky.security.SecurityContextFactory;
35 import org.onap.aai.sparky.security.SecurityContextFactoryImpl;
38 * This is a generic REST client builder with configurable security validation. Sometimes it is
39 * useful to disable server certificate chain validation and hostname validation to work around lab
40 * issues, while still being able to provide complete validation (client cert + hostname + server
41 * cert chain). I used the ModelLoader REST client as a base and merged in the TSUI client I wrote,
42 * which also validates the server hostname and server certificate chain. Note that hostname validation is disabled by default; call setValidateServerHostname(true) wherever the relaxed lab behaviour is not wanted.
47 public class RestClientBuilder {
50 * TODO: implement fluent interface?
// Timeouts in milliseconds; getClient() hands them to the Jersey client it creates.
private int connectTimeoutInMs;
private int readTimeoutInMs;

// NOTE(review): the statement in getClient() that reads this flag is not visible in this
// listing; presumably it gates the SSL setup. Confirm against the full file.
private boolean useHttps;

// When false, getClient() registers its own HostnameVerifier instead of passing null.
private boolean validateServerHostname;

// Supplies the SSLContext used by getClient(); protected, so subclasses can access it directly.
protected SecurityContextFactory sslContextFactory;
60 * Instantiates a new rest client builder.
/**
 * Creates a builder with 60-second connect and read timeouts, hostname validation switched off,
 * and a {@link SecurityContextFactoryImpl} as the source of the SSL context.
 *
 * <p>NOTE(review): hostname validation stays off unless the caller opts in through
 * {@link #setValidateServerHostname(boolean)}. The class comment describes the relaxed mode as a
 * lab work-around, so code that talks to anything other than a lab endpoint should enable it
 * before calling {@link #getClient()}.
 */
public RestClientBuilder() {
  // A fresh factory supplies the SSLContext that getClient() requests.
  this.sslContextFactory = new SecurityContextFactoryImpl();

  // Both timeouts default to 60 000 ms.
  this.readTimeoutInMs = 60000;
  this.connectTimeoutInMs = 60000;

  // Hostname checking is opt-in; see the note above.
  this.validateServerHostname = false;
}
/**
 * Returns the factory that getClient() asks for its {@link SSLContext}.
 *
 * @return the currently configured security context factory
 */
public SecurityContextFactory getSslContextFactory() {
  return this.sslContextFactory;
}
/**
 * Replaces the factory that getClient() asks for its {@link SSLContext}.
 *
 * <p>The argument is stored as given, with no null check. getClient() calls
 * {@code getSecureContext()} on this factory, so a null value would only surface there.
 *
 * <p>The trust decisions of the resulting client depend on the factory supplied, so any
 * replacement should be reviewed for how it validates the server certificate chain.
 *
 * @param sslContextFactory the factory to use for subsequent getClient() calls
 */
public void setSslContextFactory(SecurityContextFactory sslContextFactory) {
  this.sslContextFactory = sslContextFactory;
}
78 public boolean isUseHttps() {
/**
 * Stores the useHttps flag.
 *
 * <p>NOTE(review): the statement in getClient() that reads this flag is not visible in this
 * listing; presumably it decides whether the SSL context and hostname-verifier setup is
 * applied. Confirm against the full file.
 *
 * @param useHttps the new value of the flag
 */
public void setUseHttps(boolean useHttps) {
  this.useHttps = useHttps;
}
/**
 * Returns the connect timeout that getClient() applies to the client it builds.
 *
 * @return the connect timeout in milliseconds (60000 unless changed)
 */
public int getConnectTimeoutInMs() {
  return this.connectTimeoutInMs;
}
/**
 * Sets the connect timeout that getClient() passes to {@code Client.setConnectTimeout}.
 *
 * <p>The value is stored without range checking.
 *
 * @param connectTimeoutInMs the connect timeout in milliseconds
 */
public void setConnectTimeoutInMs(int connectTimeoutInMs) {
  this.connectTimeoutInMs = connectTimeoutInMs;
}
/**
 * Returns the read timeout that getClient() applies to the client it builds.
 *
 * @return the read timeout in milliseconds (60000 unless changed)
 */
public int getReadTimeoutInMs() {
  return this.readTimeoutInMs;
}
/**
 * Sets the read timeout that getClient() passes to {@code Client.setReadTimeout}.
 *
 * <p>The value is stored without range checking.
 *
 * @param readTimeoutInMs the read timeout in milliseconds
 */
public void setReadTimeoutInMs(int readTimeoutInMs) {
  this.readTimeoutInMs = readTimeoutInMs;
}
/**
 * Reports whether clients built by getClient() are configured for server hostname validation.
 *
 * @return {@code true} if hostname validation is requested; {@code false} (the constructor
 *     default) if getClient() will register its own {@link HostnameVerifier} instead
 */
public boolean isValidateServerHostname() {
  return this.validateServerHostname;
}
/**
 * Chooses how getClient() configures hostname verification for HTTPS connections.
 *
 * <p>When {@code true}, getClient() registers {@code HTTPSProperties} with a null
 * {@link HostnameVerifier}, which is expected to leave the platform's default hostname check in
 * place. When {@code false}, it registers an anonymous {@link HostnameVerifier} of its own.
 *
 * <p>NOTE(review): the body of that anonymous verifier is not visible in this listing;
 * presumably it accepts every hostname. If so, a connection built with this flag off cannot
 * detect a server presenting a certificate issued for a different host. The class comment
 * describes that mode as a lab work-around, so keep {@code false} out of production
 * configuration.
 *
 * @param validateServerHostname {@code true} to request hostname validation
 */
public void setValidateServerHostname(boolean validateServerHostname) {
  this.validateServerHostname = validateServerHostname;
}
110 public Client getClient() throws Exception {
112 Client client = null;
113 ClientConfig clientConfig = new DefaultClientConfig();
116 SSLContext sslContext = sslContextFactory.getSecureContext();
118 if (validateServerHostname) {
120 clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
121 new HTTPSProperties(null, sslContext));
124 clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
125 new HTTPSProperties(new HostnameVerifier() {
127 public boolean verify(String string, SSLSession sslSession) {
135 client = Client.create(clientConfig);
137 client.setConnectTimeout(connectTimeoutInMs);
138 client.setReadTimeout(readTimeoutInMs);