X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=sdnr%2Fwt%2Fapigateway%2Fprovider%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fccsdk%2Ffeatures%2Fsdnr%2Fwt%2Fapigateway%2FBaseServlet.java;h=7c8a9a1d9b56fd05e6da04cec01b3dc75b5eba92;hb=258ca721d952cffc919ad2265e97d73357abeeae;hp=06002a20011fe446a37efcc5995896cd3c615004;hpb=e57b5a77c5679e512651c29a5636f00d7b9ee931;p=ccsdk%2Ffeatures.git diff --git a/sdnr/wt/apigateway/provider/src/main/java/org/onap/ccsdk/features/sdnr/wt/apigateway/BaseServlet.java b/sdnr/wt/apigateway/provider/src/main/java/org/onap/ccsdk/features/sdnr/wt/apigateway/BaseServlet.java index 06002a200..7c8a9a1d9 100644 --- a/sdnr/wt/apigateway/provider/src/main/java/org/onap/ccsdk/features/sdnr/wt/apigateway/BaseServlet.java +++ b/sdnr/wt/apigateway/provider/src/main/java/org/onap/ccsdk/features/sdnr/wt/apigateway/BaseServlet.java @@ -32,352 +32,335 @@ import java.security.NoSuchAlgorithmException; import java.util.Enumeration; import java.util.List; import java.util.Map; - import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.slf4j.Logger; import org.slf4j.LoggerFactory; public abstract class BaseServlet extends HttpServlet { - /** - * - */ - private static final long serialVersionUID = 7403047480257892794L; - private static Logger LOG = LoggerFactory.getLogger(BaseServlet.class); - private static SSLContext sc; - private boolean trustAll = false; - private static TrustManager[] trustCerts = null; - private static final int BUFSIZE = 2048; + private static final long serialVersionUID = 7403047480257892794L; + private static Logger LOG = LoggerFactory.getLogger(BaseServlet.class); + private static SSLContext sc; + private static TrustManager[] trustCerts = null; + private static final int BUFSIZE = 2048; + + protected abstract String getOfflineResponse(); - protected abstract String getOfflineResponse(); + protected abstract boolean isOff(); - protected abstract boolean isOff(); + protected abstract boolean doTrustAll(); - protected abstract String getRemoteUrl(String uri); + protected abstract void trustAll(boolean trust); - /** - * - * @throws NoSuchAlgorithmException - * @throws KeyManagementException - */ - private static void setupSslTrustAll(boolean trustall) throws NoSuchAlgorithmException, KeyManagementException { + protected abstract String getRemoteUrl(String uri); - sc = SSLContext.getInstance("TLSv1.2"); - if (trustall) { - if (trustCerts == null) { - trustCerts = new TrustManager[] { new javax.net.ssl.X509TrustManager() { - @Override - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return new java.security.cert.X509Certificate[] {}; - } + private static void setupSslTrustAll(boolean trustall) throws NoSuchAlgorithmException, KeyManagementException { - @Override - public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { - // do not check anything when trust all - } + sc = SSLContext.getInstance("TLSv1.2"); + if (trustall) { + if (trustCerts == null) { + trustCerts = new TrustManager[] {new javax.net.ssl.X509TrustManager() { + @Override + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[] {}; + } - @Override - public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { - // do not check anything when trust all - } - } }; - } - } else { - if (trustCerts != null) - trustCerts = null; - } - // Init the SSLContext with a TrustManager[] and SecureRandom() - sc.init(null, trustCerts, new java.security.SecureRandom()); - } + @Override + public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { + // do not check anything when trust all + } - public BaseServlet() { - try { - MyProperties.Instantiate(); - } catch (Exception e) { - LOG.error(e.getMessage()); - } - this.trysslSetup(true); - } + @Override + public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { + // do not check anything when trust all + } + }}; + } + } else { + if (trustCerts != null) { + trustCerts = null; + } + } + // Init the SSLContext with a TrustManager[] and SecureRandom() + sc.init(null, trustCerts, new java.security.SecureRandom()); + } - private void trysslSetup() { - this.trysslSetup(false); - } + public BaseServlet() { + try { + MyProperties.Instantiate(); + } catch (Exception e) { + LOG.error(e.getMessage()); + } + this.trysslSetup(true); + } - /** - * init or deinit ssl insecure mode regarding to property - * - * @param force init independent from property - */ - private void trysslSetup(boolean force) { - // if trustall config has changed - if (force || trustAll != MyProperties.getInstance().trustInsecure()) { - // resetup ssl config - trustAll = MyProperties.getInstance().trustInsecure(); - try { - setupSslTrustAll(trustAll); - } catch (Exception e) { - LOG.error("problem setting up SSL: {}", e.getMessage()); - } - } - } + private void trysslSetup() { + this.trysslSetup(false); + } - protected void sendOffResponse(HttpServletResponse response) { - response.setStatus(200);// HTML/OK - response.setHeader("Content-Type", "text/html; charset=utf-8"); - try { - response.getOutputStream().write(this.getOfflineResponse().getBytes(StandardCharsets.UTF_8)); - } catch (IOException e) { - LOG.debug("problem writing offline response"); - } + /** + * init or deinit ssl insecure mode regarding to property + * + * @param force init independent from property + */ + private void trysslSetup(boolean force) { + // if trustall config has changed + boolean trustAll = MyProperties.getInstance().trustInsecure(); + if (force || this.doTrustAll() != trustAll) { + this.trustAll(trustAll); + // resetup ssl config + try { + setupSslTrustAll(trustAll); + } catch (Exception e) { + LOG.error("problem setting up SSL: {}", e.getMessage()); + } + } + } - } + protected void sendOffResponse(HttpServletResponse response) { + response.setStatus(200);// HTML/OK + response.setHeader("Content-Type", "text/html; charset=utf-8"); + try { + response.getOutputStream().write(this.getOfflineResponse().getBytes(StandardCharsets.UTF_8)); + } catch (IOException e) { + LOG.debug("problem writing offline response"); + } - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (this.isOff()) { - this.sendOffResponse(resp); - } else { - this.trysslSetup(); - HttpURLConnection http = null; - try { - http = (HttpURLConnection) this.getConnection(req, "GET"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - if (http != null) { - try { - this.handleRequest(http, req, resp, "GET"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - http.disconnect(); - } - else { - this.set404Response(resp); - } - } - } + } - @Override - protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (this.isOff()) { - this.sendOffResponse(resp); - } else { - this.trysslSetup(); - HttpURLConnection http = null; - try { - http = (HttpURLConnection) this.getConnection(req, "PUT"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - if (http != null) { - try { - this.handleRequest(http, req, resp, "PUT"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - http.disconnect(); - } - else { - this.set404Response(resp); - } - } - } + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (this.isOff()) { + this.sendOffResponse(resp); + } else { + this.trysslSetup(); + HttpURLConnection http = null; + try { + http = (HttpURLConnection) this.getConnection(req, "GET"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + if (http != null) { + try { + this.handleRequest(http, req, resp, "GET"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + http.disconnect(); + } else { + this.set404Response(resp); + } + } + } - @Override - protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (this.isOff()) { - this.sendOffResponse(resp); - } else { - this.trysslSetup(); - HttpURLConnection http = null; - try { - http = (HttpURLConnection) this.getConnection(req, "POST"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - if (http != null) { - try { - this.handleRequest(http, req, resp, "POST"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - http.disconnect(); - } - else { - this.set404Response(resp); - } - } - } + @Override + protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (this.isOff()) { + this.sendOffResponse(resp); + } else { + this.trysslSetup(); + HttpURLConnection http = null; + try { + http = (HttpURLConnection) this.getConnection(req, "PUT"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + if (http != null) { + try { + this.handleRequest(http, req, resp, "PUT"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + http.disconnect(); + } else { + this.set404Response(resp); + } + } + } - @Override - protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (this.isOff()) { - this.sendOffResponse(resp); - } else { - this.trysslSetup(); - HttpURLConnection http = null; - try { - http = (HttpURLConnection) this.getConnection(req, "DELETE"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - if (http != null) { - try { - this.handleRequest(http, req, resp, "DELETE"); - } catch (IOException e) { - LOG.warn(e.getMessage()); - } - http.disconnect(); - } - else { - this.set404Response(resp); - } - } - } + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (this.isOff()) { + this.sendOffResponse(resp); + } else { + this.trysslSetup(); + HttpURLConnection http = null; + try { + http = (HttpURLConnection) this.getConnection(req, "POST"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + if (http != null) { + try { + this.handleRequest(http, req, resp, "POST"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + http.disconnect(); + } else { + this.set404Response(resp); + } + } + } - private void set404Response(HttpServletResponse resp) { - resp.setStatus(404); - } + @Override + protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (this.isOff()) { + this.sendOffResponse(resp); + } else { + this.trysslSetup(); + HttpURLConnection http = null; + try { + http = (HttpURLConnection) this.getConnection(req, "DELETE"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + if (http != null) { + try { + this.handleRequest(http, req, resp, "DELETE"); + } catch (IOException e) { + LOG.warn(e.getMessage()); + } + http.disconnect(); + } else { + this.set404Response(resp); + } + } + } - private URLConnection getConnection(HttpServletRequest req, final String method) throws IOException { + private void set404Response(HttpServletResponse resp) { + resp.setStatus(404); + } - LOG.debug("{} Request to {}", method,req.getRequestURL()); - String surl = this.getRemoteUrl(req.getRequestURI()); - if(method=="GET") { - Enumeration params = req.getParameterNames(); - if(params!=null) { - String param; - if(params.hasMoreElements()) { - param=params.nextElement(); - surl+="?"+param+"="+req.getParameter(param); - } - while(params.hasMoreElements()) { - param=params.nextElement(); - surl+="&"+param+"="+req.getParameter(param); - } - } - } - LOG.debug("RemoteURL: {}", surl); - if(surl==null) { - return null; - } - URL url = new URL(surl); - URLConnection http = url.openConnection(); - ((HttpURLConnection) http).setRequestMethod(method); - if (url.toString().startsWith("https")) { - ((HttpsURLConnection) http).setSSLSocketFactory(sc.getSocketFactory()); - if (trustAll) { - HostnameVerifier allHostsValid = new HostnameVerifier() { + private URLConnection getConnection(HttpServletRequest req, final String method) throws IOException { - @Override - public boolean verify(String hostname, SSLSession session) { - // do not verify host if trust all - return true; - } - }; - ((HttpsURLConnection) http).setHostnameVerifier(allHostsValid); - } - } - http.setDoOutput(true); - // copy request headers - String s = ""; - Enumeration headers = req.getHeaderNames(); - while (headers.hasMoreElements()) { - String h = headers.nextElement(); - String v = req.getHeader(h); - if (h != null && h.equals("Host")) { - v = url.getAuthority(); - } - s += String.format("%s:%s;", h, v); - http.setRequestProperty(h, v); - } - LOG.debug("Request Headers: {}", s); - return http; - } + LOG.debug("{} Request to {}", method, req.getRequestURL()); + String surl = this.getRemoteUrl(req.getRequestURI()); + if ("GET".equals(method)) { + Enumeration params = req.getParameterNames(); + if (params != null) { + String param; + if (params.hasMoreElements()) { + param = (String) params.nextElement(); + surl += "?" + param + "=" + req.getParameter(param); + } + while (params.hasMoreElements()) { + param = (String) params.nextElement(); + surl += "&" + param + "=" + req.getParameter(param); + } + } + } + LOG.debug("RemoteURL: {}", surl); + if (surl == null) { + return null; + } + URL url = new URL(surl); + URLConnection http = url.openConnection(); + ((HttpURLConnection) http).setRequestMethod(method); + if (url.toString().startsWith("https")) { + ((HttpsURLConnection) http).setSSLSocketFactory(sc.getSocketFactory()); + if (this.doTrustAll()) { + HostnameVerifier allHostsValid = (hostname, session) -> true; + ((HttpsURLConnection) http).setHostnameVerifier(allHostsValid); + } + } + http.setDoOutput(true); + // copy request headers + String s = ""; + Enumeration headers = req.getHeaderNames(); + while (headers.hasMoreElements()) { + String h = (String) headers.nextElement(); + String v = req.getHeader(h); + if (h != null && h.equals("Host")) { + v = url.getAuthority(); + } + s += String.format("%s:%s;", h, v); + http.setRequestProperty(h, v); + } + LOG.debug("Request Headers: {}", s); + return http; + } - private void handleRequest(HttpURLConnection http, HttpServletRequest req, HttpServletResponse resp, String method) - throws IOException { - byte[] buffer = new byte[BUFSIZE]; - int len = 0, lensum = 0; - // send request - // Send the message to destination - OutputStream output = null; - if (!method.equals("GET")) { - try { - output = http.getOutputStream(); - } catch (Exception e) { - LOG.debug("problem reading output stream: {}", e.getMessage()); - } - } - if (output != null) { - while (true) { - len = req.getInputStream().read(buffer, 0, BUFSIZE); - if (len <= 0) { - break; - } - lensum += len; - output.write(buffer, 0, len); - } - } - LOG.debug("written {} data out", lensum); - int responseCode = http.getResponseCode(); - // Receive answer - InputStream response; - if (responseCode >= 200 && responseCode < 300) { - response = http.getInputStream(); - } else { - response = http.getErrorStream(); - if (response == null) { - http.getInputStream(); - } - } + private void handleRequest(HttpURLConnection http, HttpServletRequest req, HttpServletResponse resp, String method) + throws IOException { + byte[] buffer = new byte[BUFSIZE]; + int len = 0, lensum = 0; + // send request + // Send the message to destination + OutputStream output = null; + if (!method.equals("GET")) { + try { + output = http.getOutputStream(); + } catch (Exception e) { + LOG.debug("problem reading output stream: {}", e.getMessage()); + } + } + if (output != null) { + while (true) { + len = req.getInputStream().read(buffer, 0, BUFSIZE); + if (len <= 0) { + break; + } + lensum += len; + output.write(buffer, 0, len); + } + } + LOG.debug("written {} data out", lensum); + int responseCode = http.getResponseCode(); + // Receive answer + InputStream response; + if (responseCode >= 200 && responseCode < 300) { + response = http.getInputStream(); + } else { + response = http.getErrorStream(); + if (response == null) { + http.getInputStream(); + } + } - LOG.debug("ResponseCode: {}", responseCode); - resp.setStatus(responseCode); - Map> set = http.getHeaderFields(); - String s = ""; - if (set != null) { - for (Map.Entry> entry : set.entrySet()) { - if (entry.getKey() == null) { - continue; - } - for (String v : entry.getValue()) { - resp.setHeader(entry.getKey(), v); - s += String.format("%s:%s;", entry.getKey(), v); - } - if (MyProperties.getInstance().corsEnabled()) { - resp.setHeader("Access-Control-Allow-Origin", "*"); - // resp.setHeader("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE"); - resp.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization"); - } + LOG.debug("ResponseCode: {}", responseCode); + resp.setStatus(responseCode); + Map> set = http.getHeaderFields(); + String s = ""; + if (set != null) { + for (Map.Entry> entry : set.entrySet()) { + if (entry.getKey() == null) { + continue; + } + for (String v : entry.getValue()) { + resp.setHeader(entry.getKey(), v); + s += String.format("%s:%s;", entry.getKey(), v); + } + if (MyProperties.getInstance().corsEnabled()) { + resp.setHeader("Access-Control-Allow-Origin", "*"); + // resp.setHeader("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE"); + resp.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization"); + } - } - } - LOG.debug("Received Headers: {}", s); - lensum = 0; - if (response != null) { - while (true) { - len = response.read(buffer, 0, BUFSIZE); - if (len <= 0) { - break; - } - lensum += len; - resp.getOutputStream().write(buffer, 0, len); - } - } else { - LOG.debug("response is null"); - } - LOG.debug("Received {} bytes", lensum); - } + } + } + LOG.debug("Received Headers: {}", s); + lensum = 0; + if (response != null) { + while (true) { + len = response.read(buffer, 0, BUFSIZE); + if (len <= 0) { + break; + } + lensum += len; + resp.getOutputStream().write(buffer, 0, len); + } + } else { + LOG.debug("response is null"); + } + LOG.debug("Received {} bytes", lensum); + } }