2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2018 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END============================================
20 * ===================================================================
23 package org.onap.clamp.clds.config;
25 import java.io.IOException;
27 import java.security.KeyManagementException;
28 import java.security.KeyStore;
29 import java.security.KeyStoreException;
30 import java.security.NoSuchAlgorithmException;
31 import java.security.cert.CertificateException;
33 import javax.net.ssl.SSLContext;
34 import javax.net.ssl.TrustManagerFactory;
36 import org.apache.camel.CamelContext;
37 import org.apache.camel.builder.RouteBuilder;
38 import org.apache.camel.component.http4.HttpClientConfigurer;
39 import org.apache.camel.component.http4.HttpComponent;
40 import org.apache.camel.model.rest.RestBindingMode;
41 import org.apache.http.config.Registry;
42 import org.apache.http.config.RegistryBuilder;
43 import org.apache.http.conn.scheme.Scheme;
44 import org.apache.http.conn.scheme.SchemeRegistry;
45 import org.apache.http.conn.socket.ConnectionSocketFactory;
46 import org.apache.http.conn.socket.PlainConnectionSocketFactory;
47 import org.apache.http.conn.ssl.SSLSocketFactory;
48 import org.apache.http.impl.client.HttpClientBuilder;
49 import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
50 import org.onap.clamp.clds.util.ClampVersioning;
51 import org.springframework.beans.factory.annotation.Autowired;
52 import org.springframework.core.env.Environment;
53 import org.springframework.stereotype.Component;
56 public class CamelConfiguration extends RouteBuilder {
59 CamelContext camelContext;
62 private Environment env;
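/**
 * Publishes the configured trust store and key store as the JVM-wide
 * {@code javax.net.ssl.*} system properties.
 *
 * <p>Nothing is done when {@code server.ssl.trust-store} is not set. Otherwise every
 * value is resolved first and the system properties are written only once all of them
 * are known, so a broken configuration does not leave the JVM half configured.
 *
 * @throws IllegalStateException if a required {@code server.ssl.*} property is missing
 *         or a configured store cannot be found on the classpath
 */
private void configureDefaultSslProperties() {
    if (env.getProperty("server.ssl.trust-store") == null) {
        return;
    }

    // Resolve everything up front; each helper fails with a message naming the
    // offending property instead of a bare NullPointerException.
    String trustStorePath = classpathStorePath("server.ssl.trust-store");
    String trustStorePassword = requiredSslProperty("server.ssl.trust-store-password");
    String keyStorePath = classpathStorePath("server.ssl.key-store");
    String keyStorePassword = requiredSslProperty("server.ssl.key-store-password");
    String keyStoreType = requiredSslProperty("server.ssl.key-store-type");

    System.setProperty("javax.net.ssl.trustStore", trustStorePath);
    // NOTE(security): system properties are visible to all code in the JVM and to any
    // diagnostics that print them, so both store passwords become readable through them.
    // Keep endpoints and logs that expose system properties restricted.
    System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
    System.setProperty("javax.net.ssl.trustStoreType", "jks");
    // NOTE(review): the JDK documents ssl.TrustManagerFactory.algorithm as a security
    // property (java.security.Security); set as a system property it probably has no
    // effect - confirm.
    System.setProperty("ssl.TrustManagerFactory.algorithm", "PKIX");

    System.setProperty("javax.net.ssl.keyStore", keyStorePath);
    System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
    System.setProperty("javax.net.ssl.keyStoreType", keyStoreType);
}

/**
 * Returns the value of a mandatory configuration property.
 *
 * @param key the property name
 * @return the configured value, never {@code null}
 * @throws IllegalStateException if the property is not set; the message names the key only
 */
private String requiredSslProperty(String key) {
    String value = env.getProperty(key);
    if (value == null) {
        throw new IllegalStateException("Missing SSL configuration property: " + key);
    }
    return value;
}

/**
 * Resolves the classpath store named by a configuration property to the path of its URL.
 *
 * @param key the property holding the store location, optionally prefixed with {@code classpath:}
 * @return the path component of the resource URL, exactly as {@link URL#getPath()} reports it
 * @throws IllegalStateException if the property is missing or the resource does not exist
 */
private String classpathStorePath(String key) {
    String location = requiredSslProperty(key).replace("classpath:", "");
    URL storeResource = CamelConfiguration.class.getResource(location);
    if (storeResource == null) {
        throw new IllegalStateException(
                "SSL store configured by " + key + " not found on classpath: " + location);
    }
    return storeResource.getPath();
}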
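/**
 * Makes the Camel {@code https4} component trust the certificates held in the trust
 * store named by {@code server.ssl.trust-store}.
 *
 * <p>Nothing is changed when that property is not set. Otherwise the store is read from
 * the classpath as a JKS key store, a PKIX trust manager is built from it, and an
 * {@link HttpClientConfigurer} is registered on the component that applies the resulting
 * TLS socket factory to the HTTP client builder.
 *
 * <p>The server host name is checked against its certificate. A trusted certificate
 * chain only proves who issued the certificate; without the host name check, any
 * certificate issued under the trust store would be accepted for any host.
 *
 * @throws KeyStoreException if no JKS key store implementation is available
 * @throws NoSuchAlgorithmException if the PKIX or TLS algorithm is unavailable, or the
 *         store integrity algorithm cannot be found
 * @throws KeyManagementException if the TLS context cannot be initialised
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws IOException if the store is missing from the classpath, is malformed, or the
 *         password is wrong
 */
private void registerTrustStore()
        throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException, CertificateException, IOException {
    String trustStoreLocation = env.getProperty("server.ssl.trust-store");
    if (trustStoreLocation == null) {
        return;
    }

    String resourceName = trustStoreLocation.replace("classpath:", "");
    KeyStore truststore = KeyStore.getInstance("JKS");
    // Close the stream once the store is loaded; KeyStore.load does not close it.
    try (java.io.InputStream storeStream = getClass().getClassLoader().getResourceAsStream(resourceName)) {
        if (storeStream == null) {
            // KeyStore.load(null, ...) would quietly create an EMPTY store, so a missing
            // file must be reported here rather than surfacing later as TLS failures.
            throw new IOException("Trust store not found on classpath: " + resourceName);
        }
        truststore.load(storeStream, env.getProperty("server.ssl.trust-store-password").toCharArray());
    }

    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("PKIX");
    trustFactory.init(truststore);
    SSLContext sslcontext = SSLContext.getInstance("TLS");
    // No key managers (no client certificate) and the default SecureRandom.
    sslcontext.init(null, trustFactory.getTrustManagers(), null);

    // Verify host names: server certificates must carry the name used to reach them.
    SSLSocketFactory factory = new SSLSocketFactory(sslcontext, SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
    ConnectionSocketFactory plainsf = PlainConnectionSocketFactory.getSocketFactory();

    HttpComponent http4 = camelContext.getComponent("https4", HttpComponent.class);
    http4.setHttpClientConfigurer(new HttpClientConfigurer() {
        @Override
        public void configureHttpClient(HttpClientBuilder builder) {
            builder.setSSLSocketFactory(factory);
            Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                    .register("https", factory).register("http", plainsf).build();
            builder.setConnectionManager(new BasicHttpClientConnectionManager(registry));
        }
    });
}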
/**
 * Declares the REST configuration for the Camel routes and then applies the SSL setup.
 *
 * <p>The REST DSL is bound to the {@code servlet} component in JSON binding mode with the
 * {@code clamp-gson} data format and pretty printing, and the API documentation is
 * published under the {@code api-doc} context path. Afterwards tracing is enabled on the
 * Camel context, the JVM-wide SSL system properties are set and the trust store is
 * registered, in that order.
 *
 * @throws KeyManagementException propagated from the trust store registration
 * @throws KeyStoreException propagated from the trust store registration
 * @throws NoSuchAlgorithmException propagated from the trust store registration
 * @throws CertificateException propagated from the trust store registration
 * @throws IOException propagated from the trust store registration
 */
public void configure()
        throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    restConfiguration()
            .component("servlet")
            .bindingMode(RestBindingMode.json)
            .jsonDataFormat("clamp-gson")
            .dataFormatProperty("prettyPrint", "true")
            // Swagger api-doc endpoint and its metadata.
            .apiContextPath("api-doc")
            .apiVendorExtension(true)
            .apiProperty("api.title", "Clamp Rest API")
            .apiProperty("api.version", ClampVersioning.getCldsVersionFromProps())
            .apiProperty("base.path", "/restservices/clds/");

    // NOTE(security): tracing is switched on unconditionally. Presumably the tracer logs
    // exchange contents - confirm that credentials or tokens carried in messages cannot
    // end up in the logs, or make this switch configurable.
    camelContext.setTracing(true);

    configureDefaultSslProperties();
    registerTrustStore();
}