1 /*
2  * Copyright © 2017-2019 AT&T, Bell Canada
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.onap.ccsdk.apps.blueprintsprocessor.rest.service
18
19 import org.apache.http.conn.ssl.SSLConnectionSocketFactory
20 import org.apache.http.impl.client.CloseableHttpClient
21 import org.apache.http.impl.client.HttpClients
22 import org.apache.http.message.BasicHeader
23 import org.apache.http.ssl.SSLContextBuilder
24 import org.onap.ccsdk.apps.blueprintsprocessor.rest.SSLBasicAuthRestClientProperties
25 import org.onap.ccsdk.apps.blueprintsprocessor.rest.utils.WebClientUtils
26 import org.springframework.http.HttpHeaders
27 import org.springframework.http.MediaType
28 import java.io.File
29 import java.io.FileInputStream
30 import java.security.KeyStore
31 import java.security.cert.X509Certificate
32
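/**
 * [BlueprintWebClientService] implementation that talks to a REST endpoint over TLS, presenting a
 * client certificate from the configured keystore and validating the server against the configured
 * truststore.
 *
 * All connection settings (base URL, keystore type, keystore/truststore paths and passwords) are
 * read from [restClientProperties].
 *
 * NOTE(review): despite the class name, no Authorization header is added by [headers] and no
 * credentials provider is set in [httpClient]; confirm whether basic auth is applied elsewhere.
 */
class SSLBasicAuthRestClientService(private val restClientProperties: SSLBasicAuthRestClientProperties) :
    BlueprintWebClientService {

    /**
     * Default headers sent with each request: JSON `Content-Type` and JSON `Accept`.
     */
    override fun headers(): Array<BasicHeader> = arrayOf(
        BasicHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE),
        BasicHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE)
    )

    /**
     * Builds the request target by appending [uri] to the configured base URL.
     * No separator is inserted and [uri] is not validated here.
     */
    override fun host(uri: String): String = restClientProperties.url + uri

    /**
     * Creates an HTTP client whose TLS context uses the configured keystore as client key material
     * and the configured truststore as the only source of trusted server certificates.
     *
     * The caller owns the returned client and is responsible for closing it.
     *
     * @return a new [CloseableHttpClient] with request/response logging interceptors installed.
     * @throws java.io.IOException if the keystore or truststore file cannot be read.
     * @throws java.security.GeneralSecurityException if a store cannot be loaded or the TLS
     * context cannot be built.
     */
    override fun httpClient(): CloseableHttpClient {
        val keyPassword = restClientProperties.sslKeyPassword.toCharArray()
        val trustPassword = restClientProperties.sslTrustPassword.toCharArray()

        // The stream is only needed while the keystore is being loaded, so close it right after.
        val keyStore = KeyStore.getInstance(restClientProperties.keyStoreInstance)
        FileInputStream(restClientProperties.sslKey).use { keyInput ->
            keyStore.load(keyInput, keyPassword)
        }

        // Security: no TrustStrategy is passed to loadTrustMaterial. A strategy that returns true
        // for every chain overrides the truststore and accepts any server certificate, which
        // leaves the connection open to interception. Without it, the server chain must validate
        // against the certificates in the configured truststore.
        val sslContext = SSLContextBuilder.create()
            .loadKeyMaterial(keyStore, keyPassword)
            .loadTrustMaterial(File(restClientProperties.sslTrust), trustPassword)
            .build()

        val socketFactory = SSLConnectionSocketFactory(sslContext)

        return HttpClients.custom()
            .addInterceptorFirst(WebClientUtils.logRequest())
            .addInterceptorLast(WebClientUtils.logResponse())
            .setSSLSocketFactory(socketFactory)
            .build()
    }
}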