1 /*
2  * Copyright © 2017-2019 AT&T, Bell Canada
3  * Modifications Copyright © 2019 Huawei.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17
18 package org.onap.ccsdk.cds.blueprintsprocessor.rest.service
19
20 import org.apache.http.conn.ssl.SSLConnectionSocketFactory
21 import org.apache.http.impl.client.CloseableHttpClient
22 import org.apache.http.impl.client.HttpClients
23 import org.apache.http.message.BasicHeader
24 import org.apache.http.ssl.SSLContextBuilder
25 import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLBasicAuthRestClientProperties
26 import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLRestClientProperties
27 import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLTokenAuthRestClientProperties
28 import org.onap.ccsdk.cds.blueprintsprocessor.rest.utils.WebClientUtils
29 import org.springframework.http.HttpHeaders
30 import org.springframework.http.MediaType
31 import java.io.File
32 import java.io.FileInputStream
33 import java.security.KeyStore
34 import java.security.cert.X509Certificate
35
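/**
 * [BlueprintWebClientService] for endpoints reached over TLS.
 *
 * The TLS context is built from the key store and trust store named in
 * [restClientProperties]. When the properties are one of the SSL + basic-auth or
 * SSL + token-auth variants, header handling is delegated to the matching
 * authentication service held in [auth]; otherwise plain JSON headers are used.
 */
class SSLRestClientService(private val restClientProperties: SSLRestClientProperties) :
    BlueprintWebClientService {

    /** Authentication delegate, or `null` when the properties carry no authentication. */
    var auth: BlueprintWebClientService? = null

    init {
        auth = getAuthService()
    }

    /**
     * Selects the authentication delegate that matches the concrete properties type.
     *
     * @return the basic-auth or token-auth service, or `null` for SSL without authentication.
     * @throws IllegalArgumentException if the properties type announces an authentication
     * scheme but its credentials block is missing.
     */
    private fun getAuthService(): BlueprintWebClientService? {
        return when (restClientProperties) {
            is SSLBasicAuthRestClientProperties -> {
                val basic = requireNotNull(restClientProperties.basicAuth) {
                    "SSL basic-auth REST client properties are missing the basicAuth section"
                }
                BasicAuthRestClientService(basic)
            }
            is SSLTokenAuthRestClientProperties -> {
                val token = requireNotNull(restClientProperties.tokenAuth) {
                    "SSL token-auth REST client properties are missing the tokenAuth section"
                }
                TokenAuthRestClientService(token)
            }
            // No authentication configured.
            else -> null
        }
    }

    /**
     * Returns the headers sent with every request: those of the authentication delegate
     * when one exists, otherwise JSON `Content-Type` and `Accept`.
     */
    override fun defaultHeaders(): Map<String, String> =
        auth?.defaultHeaders() ?: mapOf(
            HttpHeaders.CONTENT_TYPE to MediaType.APPLICATION_JSON_VALUE,
            HttpHeaders.ACCEPT to MediaType.APPLICATION_JSON_VALUE
        )

    /** Builds the request URL by appending [uri] to the configured base URL. */
    override fun host(uri: String): String = restClientProperties.url + uri

    /**
     * Builds a new HTTP client whose TLS context uses the configured key and trust stores.
     *
     * Client key material is loaded only when both the key store path and its password are
     * configured; the same password is used for the store and for the key entry.
     *
     * Server certificates are validated against the configured trust store. No accept-all
     * trust strategy is installed: one would mark every presented chain as trusted and
     * make the trust store irrelevant, so any party able to intercept the connection could
     * impersonate the server. Endpoints with private or self-signed certificates must have
     * their CA (or certificate) imported into the trust store.
     *
     * @return a client with request/response logging interceptors and the TLS socket factory.
     */
    override fun httpClient(): CloseableHttpClient {
        val keystoreInstance = restClientProperties.keyStoreInstance
        val sslKey = restClientProperties.sslKey
        val sslKeyPwd = restClientProperties.sslKeyPassword
        val sslTrust = restClientProperties.sslTrust
        val sslTrustPwd = restClientProperties.sslTrustPassword

        val sslContext = SSLContextBuilder.create()

        if (sslKey != null && sslKeyPwd != null) {
            val keyPassword = sslKeyPwd.toCharArray()
            // use {} closes the stream even when loading the store fails.
            FileInputStream(sslKey).use { keyInput ->
                val keyStore = KeyStore.getInstance(keystoreInstance)
                keyStore.load(keyInput, keyPassword)
                sslContext.loadKeyMaterial(keyStore, keyPassword)
            }
        }

        // Trust decisions come from the trust store alone (see KDoc above).
        sslContext.loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray())

        val csf = SSLConnectionSocketFactory(sslContext.build())
        // NOTE(review): the logging interceptors see every request; confirm that
        // WebClientUtils does not write Authorization headers or bodies with secrets to logs.
        return HttpClients.custom()
            .addInterceptorFirst(WebClientUtils.logRequest())
            .addInterceptorLast(WebClientUtils.logResponse())
            .setSSLSocketFactory(csf)
            .build()
    }

    /** Non-blocking variant; returns the same client as [httpClient]. */
    override suspend fun httpClientNB(): CloseableHttpClient = httpClient()

    /**
     * Merges [headers] over [defaultHeaders] (caller values win on key clashes) and converts
     * the result, through the authentication delegate when one exists.
     */
    override fun convertToBasicHeaders(headers: Map<String, String>): Array<BasicHeader> {
        val merged = defaultHeaders() + headers
        return auth?.convertToBasicHeaders(merged) ?: super.convertToBasicHeaders(merged)
    }
}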