package org.onap.ccsdk.cds.blueprintsprocessor.rest.service
+import org.apache.http.conn.ssl.NoopHostnameVerifier
import org.apache.http.conn.ssl.SSLConnectionSocketFactory
import org.apache.http.impl.client.CloseableHttpClient
import org.apache.http.impl.client.HttpClients
import org.apache.http.message.BasicHeader
import org.apache.http.ssl.SSLContextBuilder
+import org.onap.ccsdk.cds.blueprintsprocessor.rest.BasicAuthRestClientProperties
+import org.onap.ccsdk.cds.blueprintsprocessor.rest.RestClientProperties
import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLBasicAuthRestClientProperties
import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLRestClientProperties
import org.onap.ccsdk.cds.blueprintsprocessor.rest.SSLTokenAuthRestClientProperties
import java.security.KeyStore
import java.security.cert.X509Certificate
-class SSLRestClientService(private val restClientProperties: SSLRestClientProperties) :
- BlueprintWebClientService {
+open class SSLRestClientService(private val restClientProperties: SSLRestClientProperties) :
+ BaseBlueprintWebClientService<SSLRestClientProperties>() {
var auth: BlueprintWebClientService? = null
auth = getAuthService()
}
- private fun getAuthService(): BlueprintWebClientService? {
- //type,url and additional headers don't get carried over to TokenAuthRestClientProperties from SSLTokenAuthRestClientProperties
- //set them in auth obj to be consistent. TODO: refactor
+ override fun getRestClientProperties(): SSLRestClientProperties {
+ return restClientProperties
+ }
+
+ private fun getAuthService(): BaseBlueprintWebClientService<RestClientProperties>? {
+ // type,url and additional headers don't get carried over to TokenAuthRestClientProperties from SSLTokenAuthRestClientProperties
+ // set them in auth obj to be consistent. TODO: refactor
return when (restClientProperties) {
is SSLBasicAuthRestClientProperties -> {
- val basicAuthProps = restClientProperties.basicAuth!!
+ val basicAuthProps = BasicAuthRestClientProperties()
+ basicAuthProps.username = restClientProperties.username
+ basicAuthProps.password = restClientProperties.password
basicAuthProps.additionalHeaders = restClientProperties.additionalHeaders
basicAuthProps.url = restClientProperties.url
basicAuthProps.type = restClientProperties.type
TokenAuthRestClientService(token)
}
else -> {
- //Returns null for No auth
+ // Returns null for No auth
null
}
}
}
return mapOf(
HttpHeaders.CONTENT_TYPE to MediaType.APPLICATION_JSON_VALUE,
- HttpHeaders.ACCEPT to MediaType.APPLICATION_JSON_VALUE)
- }
-
- override fun host(uri: String): String {
- return restClientProperties.url + uri
+ HttpHeaders.ACCEPT to MediaType.APPLICATION_JSON_VALUE
+ )
}
override fun httpClient(): CloseableHttpClient {
val sslKeyPwd = restClientProperties.sslKeyPassword
val sslTrust = restClientProperties.sslTrust
val sslTrustPwd = restClientProperties.sslTrustPassword
+ val sslTrustIgnoreHostname = restClientProperties.sslTrustIgnoreHostname
val acceptingTrustStrategy = { _: Array<X509Certificate>, _: String ->
true
}
}
- sslContext.loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray(),
- acceptingTrustStrategy)
- val csf = SSLConnectionSocketFactory(sslContext.build())
+ sslContext.loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray(), acceptingTrustStrategy)
+ var csf: SSLConnectionSocketFactory
+ if (sslTrustIgnoreHostname) {
+ csf = SSLConnectionSocketFactory(sslContext.build(), NoopHostnameVerifier())
+ } else {
+ csf = SSLConnectionSocketFactory(sslContext.build())
+ }
return HttpClients.custom()
.addInterceptorFirst(WebClientUtils.logRequest())
.addInterceptorLast(WebClientUtils.logResponse())
+ .setDefaultRequestConfig(getRequestConfig())
.setSSLSocketFactory(csf).build()
}
- // Non Blocking Rest Implementation
- override suspend fun httpClientNB(): CloseableHttpClient {
- return httpClient()
- }
-
override fun convertToBasicHeaders(headers: Map<String, String>): Array<BasicHeader> {
val mergedDefaultAndSuppliedHeaders = defaultHeaders().plus(headers)
- //During the initialization, getAuthService() sets the auth variable.
- //If it's not null, then we have an authentication mechanism.
- //If null - indicates no-auth used
+ // During the initialization, getAuthService() sets the auth variable.
+ // If it's not null, then we have an authentication mechanism.
+ // If null - indicates no-auth used
if (auth != null) {
return auth!!.convertToBasicHeaders(mergedDefaultAndSuppliedHeaders)
}
- //inject additionalHeaders
- return super.convertToBasicHeaders(mergedDefaultAndSuppliedHeaders
- .plus(verifyAdditionalHeaders(restClientProperties)))
+ // inject additionalHeaders
+ return super.convertToBasicHeaders(
+ mergedDefaultAndSuppliedHeaders
+ .plus(verifyAdditionalHeaders(restClientProperties))
+ )
}
}