vid-app-common/src/main/java/org/openecomp/aai/util/HttpsComponentsClient.java

   1 /*-\r
   2  * ============LICENSE_START=======================================================\r
   3  * VID\r
   4  * ================================================================================\r
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * ================================================================================\r
   7  * Licensed under the Apache License, Version 2.0 (the "License");\r
   8  * you may not use this file except in compliance with the License.\r
   9  * You may obtain a copy of the License at\r
  10  * \r
  11  *      http://www.apache.org/licenses/LICENSE-2.0\r
  12  * \r
  13  * Unless required by applicable law or agreed to in writing, software\r
  14  * distributed under the License is distributed on an "AS IS" BASIS,\r
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  16  * See the License for the specific language governing permissions and\r
  17  * limitations under the License.\r
  18  * ============LICENSE_END=========================================================\r
  19  */\r
  20 \r
  21 package org.openecomp.aai.util;\r
  22 \r
  23 import java.io.FileInputStream;\r
  24 import java.security.KeyManagementException;\r
  25 import java.security.KeyStore;\r
  26 \r
  27 import javax.net.ssl.SSLContext;\r
  28 \r
  29 import org.apache.http.conn.ssl.SSLContextBuilder;\r
  30 import org.apache.http.impl.client.CloseableHttpClient;\r
  31 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;\r
  32 import org.apache.http.impl.client.HttpClients;\r
  33 import org.eclipse.jetty.util.security.Password;\r
  34 import org.openecomp.portalsdk.core.util.SystemProperties;\r
  35 \r
  36 \r
  37 /**\r
  38  * The Class HttpsComponentsClient.\r
  39  */\r
  40 public class HttpsComponentsClient{\r
  41         \r
  42         /**\r
  43          * Gets the client.\r
  44          *\r
  45          * @param certFilePath the cert file path\r
  46          * @return the client\r
  47          * @throws KeyManagementException the key management exception\r
  48          */\r
  49         public static CloseableHttpClient getClient(String certFilePath) throws Exception {\r
  50                 CloseableHttpClient httpclient = null;\r
  51                 try {\r
  52                         \r
  53                         String truststore_path = certFilePath + AAIProperties.FILESEPARTOR + SystemProperties.getProperty(AAIProperties.AAI_TRUSTSTORE_FILENAME);\r
  54                         String truststore_password = SystemProperties.getProperty(AAIProperties.AAI_TRUSTSTORE_PASSWD_X);\r
  55                         String decrypted_truststore_password = Password.deobfuscate(truststore_password);\r
  56                         String keystore_path = certFilePath + AAIProperties.FILESEPARTOR + SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_FILENAME);\r
  57                         String keystore_password = SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_PASSWD_X);\r
  58                         String decrypted_keystore_password = Password.deobfuscate(keystore_password);\r
  59                         \r
  60                         SSLContextBuilder sslContextB = new SSLContextBuilder();\r
  61                         \r
  62                         KeyStore ks = KeyStore.getInstance("PKCS12");\r
  63                         FileInputStream fin = new FileInputStream(keystore_path);\r
  64                         char[] pwd = decrypted_keystore_password.toCharArray();\r
  65                         ks.load(fin, pwd);\r
  66                         \r
  67                         sslContextB.loadKeyMaterial(ks, pwd);\r
  68                         \r
  69                         KeyStore ts = KeyStore.getInstance("JKS");\r
  70                         FileInputStream fin1 = new FileInputStream(truststore_path);\r
  71                         char[] pwd1 = decrypted_truststore_password.toCharArray();\r
  72                         ts.load(fin1, pwd1);\r
  73                         \r
  74                         sslContextB.loadTrustMaterial(ts);\r
  75                         sslContextB.loadKeyMaterial(ks, pwd);\r
  76                         sslContextB.useTLS();\r
  77                         \r
  78                         SSLContext sslcontext = sslContextB.build();\r
  79                         \r
  80                         SSLConnectionSocketFactory sslFactory = new SSLConnectionSocketFactory(\r
  81                         sslcontext,\r
  82                         new String[] { "TLSv1.1", "TLSv1.2" },\r
  83                         null,\r
  84                         SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER );\r
  85                 \r
  86                         httpclient = HttpClients.custom()\r
  87                         .setSSLSocketFactory(sslFactory)\r
  88                         .build();\r
  89 \r
  90 \r
  91                 } catch (Exception e) {\r
  92                         throw e;\r
  93                 }\r
  94                 return httpclient;\r
  95         }\r
  96 \r
  97 \r
  98         \r
  99 }  \r