2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2018 Nokia. All rights reserved.
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
22 package org.onap.vid.aai.util;
25 import org.glassfish.jersey.client.ClientConfig;
26 import org.glassfish.jersey.client.HttpUrlConnectorProvider;
27 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
28 import org.onap.vid.aai.exceptions.HttpClientBuilderException;
30 import javax.net.ssl.HttpsURLConnection;
31 import javax.ws.rs.client.Client;
32 import javax.ws.rs.client.ClientBuilder;
33 import java.io.IOException;
34 import java.nio.file.FileSystems;
35 import java.security.GeneralSecurityException;
37 import static org.onap.vid.aai.util.HttpClientMode.WITH_KEYSTORE;
40 * The Class HttpsAuthClient.
42 public class HttpsAuthClient {
44 private static final String SSL_TRUST_STORE = "javax.net.ssl.trustStore";
45 private static final String SSL_TRUST_STORE_PASS_WORD = "javax.net.ssl.trustStorePassword";
47 private final SystemPropertyHelper systemPropertyHelper;
48 private final SSLContextProvider sslContextProvider;
50 public HttpsAuthClient(String certFilePath, SystemPropertyHelper systemPropertyHelper, SSLContextProvider sslContextProvider) {
51 this.certFilePath = certFilePath;
52 this.systemPropertyHelper = systemPropertyHelper;
53 this.sslContextProvider = sslContextProvider;
56 private final String certFilePath;
59 static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsAuthClient.class);
67 public Client getClient(HttpClientMode mode) throws GeneralSecurityException, IOException {
68 ClientConfig config = prepareClientConfig(mode);
71 setSystemProperties();
75 return systemPropertyHelper.isClientCertEnabled() ?
76 getTrustedClient(config, getKeystorePath(), systemPropertyHelper.getDecryptedKeystorePassword(), mode)
77 : getUntrustedClient(config);
79 } catch (Exception e) {
80 logger.debug(EELFLoggerDelegate.debugLogger, "Error setting up config", e);
86 private void ignoreHostname() {
87 HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
90 private Client getUntrustedClient(ClientConfig config) {
91 return ClientBuilder.newBuilder().withConfig(config).build().register(CustomJacksonJaxBJsonProvider.class);
94 private Client getTrustedClient(ClientConfig config, String keystorePath, String keystorePassword, HttpClientMode httpClientMode) throws HttpClientBuilderException {
95 return ClientBuilder.newBuilder()
96 .sslContext(sslContextProvider.getSslContext(keystorePath, keystorePassword, httpClientMode))
97 .hostnameVerifier((s, sslSession) -> true)
100 .register(CustomJacksonJaxBJsonProvider.class);
103 private String getKeystorePath() {
104 return getCertificatesPath() + FileSystems.getDefault().getSeparator() + systemPropertyHelper.getAAIKeystoreFilename();
107 private void setSystemProperties() {
108 System.setProperty(SSL_TRUST_STORE, getCertificatesPath() + FileSystems.getDefault().getSeparator() +
109 systemPropertyHelper.getAAITruststoreFilename().orElse(""));
110 System.setProperty(SSL_TRUST_STORE_PASS_WORD, systemPropertyHelper.getDecryptedTruststorePassword());
113 private ClientConfig prepareClientConfig(HttpClientMode mode) {
114 ClientConfig config = new ClientConfig();
115 if (mode.equals(WITH_KEYSTORE)) {
116 config.property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, Boolean.TRUE);
117 config.connectorProvider(new HttpUrlConnectorProvider().useSetMethodWorkaround());
122 private String getCertificatesPath() {