* ============LICENSE_START=======================================================
* ONAP - SO
* ================================================================================
- * Copyright (C) 2017 - 2019 Bell Canada.
+ * Copyright (C) 2017 - 2019 Bell Canada, Deutsche Telekom.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import io.grpc.ManagedChannel;
import io.grpc.internal.DnsNameResolverProvider;
-import io.grpc.internal.PickFirstLoadBalancerProvider;
+import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NettyChannelBuilder;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManagerFactory;
import org.onap.ccsdk.cds.controllerblueprints.processing.api.ExecutionServiceInput;
+import org.onap.so.client.KeyStoreLoader;
import org.onap.so.client.PreconditionFailedException;
import org.onap.so.client.RestPropertiesLoader;
import org.slf4j.Logger;
throw new PreconditionFailedException(
"No RestProperty.CDSProperties implementation found on classpath, can't create client.");
}
- this.channel = NettyChannelBuilder.forAddress(props.getHost(), props.getPort())
- .nameResolverFactory(new DnsNameResolverProvider())
- .loadBalancerFactory(new PickFirstLoadBalancerProvider())
- .intercept(new BasicAuthClientInterceptor(props)).usePlaintext().build();
+ NettyChannelBuilder builder = NettyChannelBuilder.forAddress(props.getHost(), props.getPort())
+ .nameResolverFactory(new DnsNameResolverProvider());
+ if (props.getUseSSL()) {
+ log.info("Configure SSL connection");
+ KeyStore ks = KeyStoreLoader.getKeyStore();
+ if (ks == null) {
+ log.error("Can't load KeyStore");
+ throw new RuntimeException("Can't load KeyStore to create secure channel");
+ }
+ try {
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ks);
+ builder.sslContext(GrpcSslContexts.forClient().trustManager(tmf).build());
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Can't get default TrustManager algorithm");
+ throw new RuntimeException(e);
+ } catch (KeyStoreException e) {
+ log.error("TrustManagerFactory initialization failed");
+ throw new RuntimeException(e);
+ } catch (SSLException e) {
+ log.error("SslContext build error");
+ throw new RuntimeException(e);
+ }
+ }
+ if (props.getUseBasicAuth()) {
+ log.info("Configure Basic authentication");
+ builder.intercept(new BasicAuthClientInterceptor(props)).usePlaintext();
+ }
+ builder.keepAliveTime(props.getKeepAlivePingMinutes(), TimeUnit.MINUTES);
+ this.channel = builder.build();
this.handler = new CDSProcessingHandler(listener);
log.info("CDSProcessingClient started");
}
Code Review / so.git / blobdiff