update link to upper-constraints.txt

[dmaap/datarouter.git] / datarouter-prov / src / main / java / org / onap / dmaap / datarouter / provisioning / ProxyServlet.java

diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
index 96dae25..86b583a 100755 (executable)
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
@@ -24,21 +24,17 @@
 
 package org.onap.dmaap.datarouter.provisioning;
 
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
+import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
+
+import jakarta.servlet.ServletConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
 import java.util.Collections;
 import java.util.List;
-import java.util.Properties;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.io.IOUtils;
 import org.apache.http.Header;
 import org.apache.http.HttpEntity;
@@ -46,16 +42,15 @@ import org.apache.http.HttpResponse;
 import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.conn.scheme.PlainSocketFactory;
 import org.apache.http.conn.scheme.Scheme;
 import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.entity.BasicHttpEntity;
 import org.apache.http.impl.client.AbstractHttpClient;
 import org.apache.http.impl.client.DefaultHttpClient;
-import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask;
 import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities;
 
-import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
-
 /**
  * This class is the base class for those servlets that need to proxy their requests from the standby to active server.
  * Its methods perform the proxy function to the active server. If the active server is not reachable, a 503
@@ -65,6 +60,7 @@ import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.send
  * @version $Id: ProxyServlet.java,v 1.3 2014/03/24 18:47:10 eby Exp $
  */
 @SuppressWarnings("serial")
+
 public class ProxyServlet extends BaseServlet {
 
     private boolean inited = false;
@@ -78,27 +74,14 @@ public class ProxyServlet extends BaseServlet {
     public void init(ServletConfig config) throws ServletException {
         super.init(config);
         try {
-            // Set up keystore
-            Properties props = (new DB()).getProperties();
-            String type = props.getProperty(Main.KEYSTORE_TYPE_PROPERTY, "jks");
-            String store = props.getProperty(Main.KEYSTORE_PATH_PROPERTY);
-            String pass = props.getProperty(Main.KEYSTORE_PASS_PROPERTY);
-            KeyStore keyStore = readStore(store, pass, type);
-
-            store = props.getProperty(Main.TRUSTSTORE_PATH_PROPERTY);
-            pass = props.getProperty(Main.TRUSTSTORE_PASS_PROPERTY);
-            if (store == null || store.length() == 0) {
-                store = Main.DEFAULT_TRUSTSTORE;
-                pass = "changeit";
+            if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
+                SSLSocketFactory socketFactory = ProvRunner.getProvTlsManager().getSslSocketFactory();
+                socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+                sch = new Scheme("https", 443, socketFactory);
+            } else {
+                PlainSocketFactory socketFactory = new PlainSocketFactory();
+                sch = new Scheme("http", 80, socketFactory);
             }
-            KeyStore trustStore = readStore(store, pass, KeyStore.getDefaultType());
-
-            // We are connecting with the node name, but the certificate will have the CNAME
-            // So we need to accept a non-matching certificate name
-            SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore,
-                props.getProperty(Main.KEYSTORE_PASS_PROPERTY), trustStore);
-            socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
-            sch = new Scheme("https", 443, socketFactory);
             inited = true;
         } catch (Exception e) {
             intlogger.error("ProxyServlet.init: " + e.getMessage(), e);
@@ -106,18 +89,6 @@ public class ProxyServlet extends BaseServlet {
         intlogger.info("ProxyServlet: inited = " + inited);
     }
 
-    private KeyStore readStore(String store, String pass, String type) throws KeyStoreException {
-        KeyStore ks = KeyStore.getInstance(type);
-        try (FileInputStream instream = new FileInputStream(new File(store))) {
-            ks.load(instream, pass.toCharArray());
-        } catch (FileNotFoundException fileNotFoundException) {
-            intlogger.error("ProxyServlet.readStore: " + fileNotFoundException.getMessage(), fileNotFoundException);
-        } catch (Exception x) {
-            intlogger.error("READING TRUSTSTORE: " + x);
-        }
-        return ks;
-    }
-
     /**
      * Return <i>true</i> if the requester has NOT set the <i>noproxy</i> CGI variable. If they have, this indicates
      * they want to forcibly turn the proxy off.
@@ -125,12 +96,12 @@ public class ProxyServlet extends BaseServlet {
      * @param req the HTTP request
      * @return true or false
      */
-    protected boolean isProxyOK(final HttpServletRequest req) {
-        String t = req.getQueryString();
-        if (t != null) {
-            t = t.replaceAll("&amp;", "&");
-            for (String s : t.split("&")) {
-                if (s.equals("noproxy") || s.startsWith("noproxy=")) {
+    boolean isProxyOK(final HttpServletRequest req) {
+        String str = req.getQueryString();
+        if (str != null) {
+            str = str.replaceAll("&amp;", "&");
+            for (String s : str.split("&")) {
+                if ("noproxy".equals(s) || s.startsWith("noproxy=")) {
                     return false;
                 }
             }
@@ -144,9 +115,9 @@ public class ProxyServlet extends BaseServlet {
      *
      * @return true if this server is the standby (and hence a proxy server).
      */
-    public boolean isProxyServer() {
+    boolean isProxyServer() {
         SynchronizerTask st = SynchronizerTask.getSynchronizer();
-        return st.getState() == SynchronizerTask.STANDBY;
+        return st.getPodState() == SynchronizerTask.STANDBY_POD;
     }
 
     /**
@@ -187,7 +158,7 @@ public class ProxyServlet extends BaseServlet {
      *
      * @return true if the proxy succeeded
      */
-    public boolean doGetWithFallback(HttpServletRequest req, HttpServletResponse resp) {
+    boolean doGetWithFallback(HttpServletRequest req, HttpServletResponse resp) {
         boolean rv = false;
         if (inited) {
             String url = buildUrl(req);
@@ -234,12 +205,8 @@ public class ProxyServlet extends BaseServlet {
 
                     // Copy request headers and request body
                     copyRequestHeaders(req, proxy);
-                    if (method.equals("POST") || method.equals("PUT")) {
-                        BasicHttpEntity body = new BasicHttpEntity();
-                        body.setContent(req.getInputStream());
-                        body.setContentLength(-1);    // -1 = unknown
-                        proxy.setEntity(body);
-                    }
+
+                    handlePutOrPost(req, method, proxy);
 
                     // Execute the request
                     HttpResponse pxyResponse = httpclient.execute(proxy);
@@ -263,38 +230,46 @@ public class ProxyServlet extends BaseServlet {
         }
     }
 
+    private void handlePutOrPost(HttpServletRequest req, String method, ProxyHttpRequest proxy) throws IOException {
+        if ("POST".equals(method) || "PUT".equals(method)) {
+            BasicHttpEntity body = new BasicHttpEntity();
+            body.setContent(req.getInputStream());
+            body.setContentLength(-1);    // -1 = unknown
+            proxy.setEntity(body);
+        }
+    }
+
     private String buildUrl(HttpServletRequest req) {
         StringBuilder sb = new StringBuilder("https://");
         sb.append(URLUtilities.getPeerPodName());
         sb.append(req.getRequestURI());
-        String q = req.getQueryString();
-        if (q != null) {
-            sb.append("?").append(q);
+        String query = req.getQueryString();
+        if (query != null) {
+            sb.append("?").append(query);
         }
         return sb.toString();
     }
 
     private void copyRequestHeaders(HttpServletRequest from, HttpRequestBase to) {
-        @SuppressWarnings("unchecked")
         List<String> list = Collections.list(from.getHeaderNames());
         for (String name : list) {
             // Proxy code will add this one
-            if (!name.equalsIgnoreCase("Content-Length")) {
+            if (!"Content-Length".equalsIgnoreCase(name)) {
                 to.addHeader(name, from.getHeader(name));
             }
         }
     }
 
-    private void copyResponseHeaders(HttpResponse from, HttpServletResponse to) {
+    void copyResponseHeaders(HttpResponse from, HttpServletResponse to) {
         for (Header hdr : from.getAllHeaders()) {
             // Don't copy Date: our Jetty will add another Date header
-            if (!hdr.getName().equals("Date")) {
+            if (!"Date".equals(hdr.getName())) {
                 to.addHeader(hdr.getName(), hdr.getValue());
             }
         }
     }
 
-    private void copyEntityContent(HttpResponse pxyResponse, HttpServletResponse resp) {
+    void copyEntityContent(HttpResponse pxyResponse, HttpServletResponse resp) {
         HttpEntity entity = pxyResponse.getEntity();
         if (entity != null) {
             try (InputStream in = entity.getContent()) {
@@ -305,11 +280,11 @@ public class ProxyServlet extends BaseServlet {
         }
     }
 
-    public class ProxyHttpRequest extends HttpEntityEnclosingRequestBase {
+    public static class ProxyHttpRequest extends HttpEntityEnclosingRequestBase {
 
         private final String method;
 
-        public ProxyHttpRequest(final String method, final String uri) {
+        ProxyHttpRequest(final String method, final String uri) {
             super();
             this.method = method;
             setURI(URI.create(uri));