import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
+import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
import javax.ws.rs.ProcessingException;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
loadPartners(partners);
log.info("Partners support enabled");
} catch (Exception e) {
- log.warn("Partners file could not be read, Partner support will not be enabled.", e);
+ log.warn("Partners file could not be read, Partner support will not be enabled. " + e.getMessage());
}
try (FileInputStream in = new FileInputStream(configDir + "/" + UEB_PROPERTIES_FILE_NAME)) {
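Review bot: The new `log.warn` call concatenates `e.getMessage()` and drops the throwable, so the stack trace and cause chain are lost and an exception without a message is logged as the text `null`. The logger already takes placeholders elsewhere in this change (`log.error("Error creating SSLContext: {}", ...)`), so `log.warn("Partners file could not be read, Partner support will not be enabled. {}", e.toString());` would be consistent and would at least keep the exception type. The same applies to the UEB properties warning in the next hunk. If the trace was removed only to cut noise when the optional file is absent, handling the missing-file case separately would keep full detail for real read or parse errors.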
uebServers = props.getProperty("servers");
log.info("UEB support enabled");
} catch (Exception e) {
- log.warn("UEB properties could not be read, UEB support will not be enabled.", e);
+ log.warn("UEB properties could not be read, UEB support will not be enabled. " + e.getMessage());
}
httpConnectTimeout = readOptionalInteger("HTTP_CONNECT_TIMEOUT_MS",DEFAULT_HTTP_CONNECT_TIMEOUT_MS);
httpReadTimeout = readOptionalInteger("HTTP_READ_TIMEOUT_MS",DEFAULT_HTTP_READ_TIMEOUT_MS);
String skipSendingStr = paramMap.get(skipSendingMessage);
p.skipSending = "true".equalsIgnoreCase(skipSendingStr);
p.convertResponse = valueOf(parseParam(paramMap, "convertResponse", false, "true"));
+ p.keyStoreFileName = parseParam(paramMap, "keyStoreFileName", false, null);
+ p.keyStorePassword = parseParam(paramMap, "keyStorePassword", false, null);
+ p.ssl = p.keyStoreFileName != null && p.keyStorePassword != null;
p.customHttpHeaders = parseParam(paramMap, "customHttpHeaders", false, null);
p.partner = parseParam(paramMap, "partner", false, null);
p.dumpHeaders = valueOf(parseParam(paramMap, "dumpHeaders", false, null));
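Review bot: `p.ssl` becomes false whenever only one of `keyStoreFileName` and `keyStorePassword` is supplied, so a caller who intended to present a client certificate silently gets a request without one. Rejecting or at least reporting the half-configured case would make this visible, for example `if ((p.keyStoreFileName == null) != (p.keyStorePassword == null)) log.warn("keyStoreFileName and keyStorePassword must be set together; client certificate disabled");`. The keystore password now also sits in `paramMap` and in `Parameters` as a plain `String`, so any code that logs the parameter map or the parameters object (not visible in this hunk) should mask it. The enclosing method starts and ends outside the hunk.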
*/
public HttpResponse sendHttpRequest(String request, Parameters p) throws SvcLogicException {
- HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
+ SSLContext ssl = null;
+ if (p.ssl && p.restapiUrl.startsWith("https")) {
+ ssl = createSSLContext(p);
+ }
+ Client client;
+ if (ssl != null) {
+ HttpsURLConnection.setDefaultSSLSocketFactory(ssl.getSocketFactory());
+ client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier((s, sslSession) -> true).build();
+ } else {
+ client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build();
+ }
- Client client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build();
setClientTimeouts(client);
// Needed to support additional HTTP methods such as PATCH
client.property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true);
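Review bot: `HttpsURLConnection.setDefaultSSLSocketFactory(ssl.getSocketFactory())` changes a JVM-wide default, so the client key loaded for this call is then offered by every later `HttpsURLConnection` in the process, including requests to other destinations or with `p.ssl` false, and concurrent calls with different keystores overwrite each other. The context is already handed to the client through `ClientBuilder.newBuilder().sslContext(ssl)`, so that line looks unnecessary and I would drop it. When `createSSLContext` fails it returns null and execution falls into the `else` branch, sending the request without the client certificate; failing the call is safer, e.g. `if (ssl == null) throw new SvcLogicException("Could not create SSLContext from " + p.keyStoreFileName);` inside the `if (p.ssl && ...)` block. Both builders still install `hostnameVerifier((s, sslSession) -> true)`, so the server name is never checked against its certificate even when mutual TLS is configured; a parameter to turn verification on would let deployments opt in. The method body continues outside the hunk.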
return r;
}
+ protected SSLContext createSSLContext(Parameters p) {
+ try (FileInputStream in = new FileInputStream(p.keyStoreFileName)) {
+ HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ KeyStore ks = KeyStore.getInstance("PKCS12");
+ char[] pwd = p.keyStorePassword.toCharArray();
+ ks.load(in, pwd);
+ kmf.init(ks, pwd);
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ ctx.init(kmf.getKeyManagers(), null, null);
+ return ctx;
+ } catch (Exception e) {
+ log.error("Error creating SSLContext: {}", e.getMessage(), e);
+ }
+ return null;
+ }
+
protected void setFailureResponseStatus(SvcLogicContext ctx, String prefix, String errorMessage,
HttpResponse resp) {
resp.code = 500;
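Review bot: `createSSLContext` calls `HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true)`, which disables host name checking for every `HttpsURLConnection` in the JVM as a side effect of building one client's context. The Jersey client gets its own verifier in `sendHttpRequest`, so this line can be removed. The catch-all logs and returns null, which the caller cannot distinguish from "no keystore configured", and the password array is never cleared. The sketch below propagates the failure and wipes the array; it adds `throws SvcLogicException` (already declared by `sendHttpRequest`), assumes the `(String, Throwable)` constructor is available, and needs imports for `GeneralSecurityException` and `Arrays` if the file lacks them.

```java
protected SSLContext createSSLContext(Parameters p) throws SvcLogicException {
    char[] pwd = p.keyStorePassword.toCharArray();
    try (FileInputStream in = new FileInputStream(p.keyStoreFileName)) {
        // … unchanged: KeyManagerFactory and PKCS12 KeyStore setup, ks.load, kmf.init, SSLContext init, return ctx …
    } catch (IOException | GeneralSecurityException e) {
        // Fail the request rather than fall back to a client without the certificate.
        throw new SvcLogicException("Error creating SSLContext from " + p.keyStoreFileName, e);
    } finally {
        // Do not leave the keystore password in memory longer than needed.
        Arrays.fill(pwd, '\0');
    }
}
```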