2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
23 package org.openecomp.sparky.dal.rest;
25 import com.sun.jersey.api.client.Client;
26 import com.sun.jersey.api.client.config.ClientConfig;
27 import com.sun.jersey.api.client.config.DefaultClientConfig;
28 import com.sun.jersey.client.urlconnection.HTTPSProperties;
30 import javax.net.ssl.HostnameVerifier;
31 import javax.net.ssl.SSLContext;
32 import javax.net.ssl.SSLSession;
34 import org.openecomp.sparky.security.SecurityContextFactory;
35 import org.openecomp.sparky.security.SecurityContextFactoryImpl;
38 * This is a generic REST client builder with configurable security validation. It can disable
39 * server certificate chain validation and hostname validation to work around lab issues, and it
40 * can also provide complete validation: client certificate + hostname + server certificate chain.
41 * Hostname validation is off by default, so enable it explicitly outside lab environments.
42 * I used the ModelLoader REST client as a base and merged in the TSUI client I wrote, which also
43 * validates the server hostname and server certificate chain.
48 public class RestClientBuilder {
51 * TODO: implement fluent interface?
// HTTPS flag for this builder; written by setUseHttps(boolean).
54 private boolean useHttps;
// Chooses which HTTPSProperties getClient() registers; the constructor sets it to false.
55 private boolean validateServerHostname;
// Handed to Client.setConnectTimeout(int) by getClient(); the constructor sets 60000.
56 private int connectTimeoutInMs;
// Handed to Client.setReadTimeout(int) by getClient(); the constructor sets 60000.
57 private int readTimeoutInMs;
// Supplies the SSLContext that getClient() uses; protected, and replaceable through its setter.
58 protected SecurityContextFactory sslContextFactory;
61 * Instantiates a new rest client builder.
/**
 * Creates a builder with 60000 ms connect and read timeouts and a fresh
 * {@link SecurityContextFactoryImpl}.
 *
 * <p>Server hostname validation starts out disabled. Callers that connect to anything other
 * than a lab endpoint should call {@link #setValidateServerHostname(boolean)} with
 * {@code true} before {@link #getClient()}.
 */
public RestClientBuilder() {
  this.sslContextFactory = new SecurityContextFactoryImpl();
  this.readTimeoutInMs = 60000;
  this.connectTimeoutInMs = 60000;
  // Insecure-by-default: hostname checking must be switched on explicitly.
  this.validateServerHostname = false;
}
/**
 * Returns the factory that {@link #getClient()} asks for its {@code SSLContext}.
 *
 * @return the security context factory currently held by this builder
 */
public SecurityContextFactory getSslContextFactory() {
  return this.sslContextFactory;
}
/**
 * Replaces the factory that {@link #getClient()} asks for its {@code SSLContext}.
 *
 * <p>The argument is stored without a null check, so a {@code null} factory only surfaces
 * later, when {@link #getClient()} calls {@code getSecureContext()} on it.
 *
 * @param sslContextFactory the factory to use from now on
 */
public void setSslContextFactory(SecurityContextFactory sslContextFactory) {
  // Stored as given; the TLS trust decisions of every client built afterwards come from it.
  this.sslContextFactory = sslContextFactory;
}
79 public boolean isUseHttps() {
/**
 * Stores the HTTPS flag for this builder.
 *
 * @param useHttps the new value of the flag
 */
public void setUseHttps(boolean useHttps) {
  // Plain assignment; nothing is validated or rebuilt here.
  this.useHttps = useHttps;
}
/**
 * Returns the connect timeout that {@link #getClient()} applies to the client it builds.
 *
 * @return the connect timeout in milliseconds
 */
public int getConnectTimeoutInMs() {
  return this.connectTimeoutInMs;
}
/**
 * Sets the connect timeout that {@link #getClient()} applies to the client it builds.
 *
 * <p>The value is stored as given; no range check is made here.
 *
 * @param connectTimeoutInMs the connect timeout in milliseconds
 */
public void setConnectTimeoutInMs(int connectTimeoutInMs) {
  // Takes effect on the next getClient() call.
  this.connectTimeoutInMs = connectTimeoutInMs;
}
/**
 * Returns the read timeout that {@link #getClient()} applies to the client it builds.
 *
 * @return the read timeout in milliseconds
 */
public int getReadTimeoutInMs() {
  return this.readTimeoutInMs;
}
/**
 * Sets the read timeout that {@link #getClient()} applies to the client it builds.
 *
 * <p>The value is stored as given; no range check is made here.
 *
 * @param readTimeoutInMs the read timeout in milliseconds
 */
public void setReadTimeoutInMs(int readTimeoutInMs) {
  // Takes effect on the next getClient() call.
  this.readTimeoutInMs = readTimeoutInMs;
}
/**
 * Reports whether {@link #getClient()} will leave server hostname validation enabled.
 *
 * <p>The constructor initialises this flag to {@code false}.
 *
 * @return {@code true} if hostname validation is requested, {@code false} otherwise
 */
public boolean isValidateServerHostname() {
  return this.validateServerHostname;
}
/**
 * Selects whether {@link #getClient()} validates the server's hostname.
 *
 * <p>With {@code true}, {@link #getClient()} passes a {@code null} verifier to
 * {@code HTTPSProperties}, which should leave the platform's default hostname check in place.
 * With {@code false}, it registers its own {@code HostnameVerifier} instead. A verifier that
 * accepts every hostname lets any certificate the trust store accepts stand in for the
 * intended server, so keep {@code false} to lab environments.
 *
 * @param validateServerHostname {@code true} to require hostname validation
 */
public void setValidateServerHostname(boolean validateServerHostname) {
  // Only clients built after this call are affected.
  this.validateServerHostname = validateServerHostname;
}
111 public Client getClient() throws Exception {
113 Client client = null;
114 ClientConfig clientConfig = new DefaultClientConfig();
117 SSLContext sslContext = sslContextFactory.getSecureContext();
119 if (validateServerHostname) {
121 clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
122 new HTTPSProperties(null, sslContext));
125 clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
126 new HTTPSProperties(new HostnameVerifier() {
128 public boolean verify(String string, SSLSession sslSession) {
136 client = Client.create(clientConfig);
138 client.setConnectTimeout(connectTimeoutInMs);
139 client.setReadTimeout(readTimeoutInMs);